The Connecticut Privacy Act imposes obligations on both controllers 1 and processors 2 of personal data. In both cases, however, this exemption requires the Controller to have a reasonable basis to believe the consumer has lawfully made this information available to the general public. Notably, the definition of publicly available information in the Connecticut Privacy Act is broad, extending not only to information lawfully made available by federal, state or municipal government records, but also that which is made available in widely distributed media. The Connecticut Privacy Act applies to "personal data", which is defined as "any information that is linked or reasonably linkable to an identified or identifiable individual," not including de-identified data or publicly available information. What does the Connecticut Privacy Act apply to? In addition to an exemption personal data collected to process payment transactions, the Act also exempts personal data that are subject to various federal sectoral privacy laws and categorical exemptions for certain entities including state agencies, nonprofits, financial institutions subject to the GLBA, and covered entities and business associates subject to HIPAA. controlled or processed the personal data of at least 25,000 Connecticut residents and derived over 25% of their gross revenue from the sale of personal data.controlled or processed the personal data of at least 100,000 thousand Connecticut residents (not including personal data controlled or processed for the sole purpose of completing a payment transaction) or.produce products or services that are targeted to the residents of Connecticut Īnd who during the preceding calendar year:.Subject to certain exemptions, the Connecticut Privacy Act imposes certain obligations on persons who either: Who does the Connecticut Privacy Act apply to? Businesses will have to continue to navigate this increasingly complex data privacy framework in developing a compliant data privacy program. for states to individually address consumer rights and business obligations relating to consumer data, in the absence of uniform legislation from Congress. The passage of the Connecticut Privacy Act continues the trend in the U.S. The Connecticut Privacy Act is set to become effective on July 1, 2023. Governor Lamont’s approval makes Connecticut the 5th state to pass a comprehensive data privacy law joining California, Utah, Virginia, and Colorado. Ned Lamont approved Connecticut Senate Bill 6, an Act Concerning Personal Data Privacy and Online Monitoring (the "Connecticut Privacy Act").
This week, on Tuesday May 10, 2022, Connecticut Gov.
0 kommentar(er)
