IA’s State Privacy Law Portal

In the face of an ever-growing patchwork of U.S. state comprehensive consumer privacy and data security laws with which the insights industry must contend, the Insights Association provides compliance information spinning out from this hub.

In addition to the specifics on each law below, we have some general compliance guidance, including:

• Big Privacy Laws Starting in 2023 in Five States
• Privacy and Data Security Compliance IS Manageable When You Focus on These 5 Things
• More Privacy Laws Take Effect July 1, 2024

California Privacy Rights Act (CPRA) / California Consumer Privacy Act (CCPA)

• CCPA/CPRA Portal 

Colorado Privacy Act (CPA)

• New Comprehensive Privacy Law in Colorado - Colorado Privacy Act - S.B. 190
• Rules Finalized for the Colorado Privacy Act
• Colorado H.B. 1058 Adds Biological and Neural Data to Privacy Law
• Minors Provisions Build Out Colorado Privacy Act - S.B. 41
• New Colorado Biometric Privacy Law H.B. 1130

Connecticut Data Privacy Act (CTDPA)

• Connecticut Comprehensive Privacy Bill S.B. 6 Now Law
• Connecticut Privacy Law Expanded - S.B. 3 Restricts Consumer Health Data and Brings New Minors Privacy Regime
• NEW CONNECTICUT LAW ON STATE USE OF AI AND PRIVACY COMPLIANCE BY CONTRACTORS - S.B. 1103
• Connecticut Privacy Law Enforcement After First Six Months
• Connecticut Law H.B. 6607 Prohibits Punitive Damages in Data Breach Lawsuits Against ISO-Compliant Companies

Delaware

• Delaware Personal Data Privacy Act is Now Law - H.B. 154
• Data Destruction Demanded in Delaware for 2015
• Delaware Online Privacy Protection Act (DOPPA)
• Delaware Protection of Personal Information Law

Indiana

• New Indiana Privacy Law S.B. 5

Iowa

• New Iowa Comprehensive Data Privacy Law - S.F. 262

Kentucky

• (Coming soon)

Maryland Online Data Privacy Act (MODPA)

• Maryland Online Data Privacy Act Taking Effect
• Maryland Kids Code Now Law

Minnesota Consumer Data Privacy Act

• Minnesota Consumer Data Privacy Act Now Law

Montana Consumer Data Privacy Act

• Montana Consumer Data Privacy Act Now Law - S.B. 834

Nebraska Data Privacy Act

• New Comprehensive Privacy Law for Nebraska - L.B. 1074

New Hampshire Consumer Data Privacy Act

• New Hampshire Passes Privacy Law - S.B.255

New Jersey Data Privacy Act

• New Jersey Data Privacy Act Now Law - S. 332
• New Jersey Privacy Regulator Offers Guidance for 2025 Law

Oregon

• Oregon Consumer Privacy Act - OCPA - Now Law
• New Oregon Data Broker Registry Law Will Snare Some Insights Companies
• Oregon H.B. 3284 Restricts COVID-19-Related Personal Health Data
• Oregon Privacy Enforcement and Compliance Review
• Oregon Guidance on AI Restrictions and Requirements Under State Law
• Oregon Law H.B. 2008 Prohibits Sale of Location Data and Minors Data

Rhode Island

• (Coming soon)

Tennessee Information Protection Act

• Tennessee Information Protection Act Signed Into Law

Texas Data Privacy and Security Act

• New Law - Texas Data Privacy and Security Act
• TEXAS NOW REQUIRES DATA BROKER REGISTRATION AND SECURITY PROGRAMS
• TEXAS AG LAUNCHES PRIVACY ENFORCEMENT TEAM
• Texas AG is Busy Enforcing State Privacy Law
• Update on Texas Privacy Law Enforcement Actions
• Texas Data Broker Law Updated by S.B. 1343 and S.B. 2121

Utah Consumer Privacy Act

• Utah Consumer Privacy Act S.B. 227 Now Law
• Utah H.B. 418 Added Consumer Data Correction Right
• New Utah Law Provides Defense Against Data Breaches for ISO-Compliant Organizations

Virginia Consumer Data Protection Act (VCDPA)

• Virginia the 2nd State with Comprehensive Privacy Regulation - Consumer Data Protection Act Now Law 
• VCDPA - Virginia Privacy Law Changed in 2022
• Virginia Expands Kids Privacy Provisions in VCDPA
• Learning From Consumer Complaints Under Virginia Privacy Law
• Virginia Law S.B. 754 Restricts Reproductive or Sexual Health Data Privacy

Washington My Health My Data Act

• Washington My Health My Data Act is Now Law - H.B. 1155
• Washington Health Data Privacy Law Coming into Effect March 31, 2024

This information is not intended and should not be construed as or substituted for legal advice. It is provided for informational purposes only. It is advisable to consult with private counsel on the precise scope and interpretation of any laws/regulation/legislation and their impact on your particular business.