Ask a CCO: Plan for complying with varied U.S. privacy laws
Four senior compliance practitioners share their views on the U.S. data privacy landscape and the actions their companies are taking to keep pace with new state laws set to hit the books in 2023. Today’s question:
Q: How does your company plan to comply with varying U.S. state privacy laws?
THIS IS MEMBERS-ONLY CONTENT
You are not logged in and do not have access to members-only content.
If you are already a registered user or a member, SIGN IN now.
Related articles
-
ArticleCalifornia privacy board moves forward with draft CPRA regulations
The California Privacy Protection Agency unveiled draft rules for the soon-to-be enacted California Privacy Rights Act at its board meeting.
-
ArticleConnecticut fifth state to pass comprehensive data privacy law
Connecticut has joined four other states in passing a comprehensive data privacy law that requires companies to provide consumers with information about the personal data they collect.
-
ArticleNew Utah privacy law ‘lighter’ than predecessors
Utah has become the fourth U.S. state to pass a comprehensive data privacy law, with others potentially on the way during this legislative session. Experts weigh in on how the Utah law compares to its counterparts in California, Colorado, and Virginia.
More from Opinion
-
OpinionCreating effective compliance messages for specific employee groups
As 2026 arrives, have you considered the efficacy of your compliance messaging efforts? We have all seen these compliance taglines “Speak Up!,” “See Something, Say Something,” “Ethics Matter!”
-
OpinionTeaching the business to speak risk
Compliance professionals understand the value of risk assessments. We conduct them annually, map risks to controls, and present heat maps to the board. But there is a strategic opportunity that many compliance programs overlook: Teaching the business itself to think in the language of risk.
-
OpinionSOX was built for humans. AI doesn’t fit that model.
For more than two decades, assurance and compliance frameworks have rested on a simple assumption: Material decisions are made by people. Post‑Sarbanes-Oxley Act (SOX) assurance reset worked because it aligned accountability with human behavior. That assumption shapes how internal controls are designed, how accountability is assigned, and how assurance is ...