Global Privacy Compliance

Let us help your organization navigate global privacy compliance.

Looking at DLA Piper’s Data Protection Laws of the World, we can see that virtually every country has some form of data privacy law. Failure to comply with applicable privacy laws may lead to fines, lawsuits, and even prohibition of doing business in that jurisdiction. Navigating these laws and regulations can be daunting, but Privacy Matters’ experts can help you simplify compliance.

We will work closely with your organization to assess your current privacy program and review applicable privacy legislation that may impact your organization. Next, we will work with the various business departments to implement new compliance measures (if necessary), and integrate these new measures with your privacy program. Lastly, privacy compliance is an ongoing effort. Privacy Matters will continuously monitor global compliance requirements and notify your organization of any changes.

Global Privacy Compliance FAQs

  • While the U.S. doesn’t have a comprehensive federal law, there’s a complex patchwork of sector-specific and state privacy laws including:

    • The Federal Trade Commission Act (TFC Act)

    • Health Insurance Portability and Accounting Act (HIPPA)

    • Children’s Online Privacy Protection Act (COPPA)

    • California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA)

    • Virginia’s Consumer Data Protection Act (CDPA)

    • Colorado Privacy Act (CPA)

    • New York’s Stop Hacks and Improve Electronic Data Security Act (SHIELD)

    • Utah Consumer Privacy Act (UCPA)

    • Connecticut’s Data Privacy Law (CTDPA)

    The General Data Protection Regulation (GDPR) in the E.U. is considered the global ‘gold standard’ of privacy law.

    Brazil’s General Law for the Protection of Personal Data (LGPD) contains provisions similar to the GDPR.

    China’s privacy regime includes the Cybersecurity Law, the Data Security Law and the Personal Information Protection Law.

  • It depends. If you process the data of citizens of foreign jurisdictions then you could be subject to their privacy laws. For example, the E.U. and Brazil’s privacy laws apply to any organization that collects, uses, stores, discloses, or processes the personal data of anyone residing in the E.U. - regardless of the individual’s citizenship or the location of the organization’s headquarters.

    California’s CCPA applies to any for-profit businesses who do business in California and derive 50% or more of their annual revenue from selling California residents’ personal information.

    It doesn’t matter if you are a Canadian company – if you do business in other jurisdictions, you need to be aware of relevant privacy laws.

Ready to get started?