Online privacy legalities should be a fundamental consideration for all businesses, websites, and digital apps. Several federal statutes govern the handling and storage of personally identifiable information. Additionally, most commercial sites must comply with a patchwork of state online privacy and data breach rules. So, if your business is based in Illinois, but you allow California residents to access and interact with your website, you're also beholden to the Golden State's arsenal of online privacy laws.
The Children's Online Privacy Protection Act (COPPA), as you can probably glean from its name, protects minors' identities online. The law applies to websites, apps, and other digital platforms that collect data from children aged 12 and under. Penalties for not complying with this federal online privacy law are steep. So, if you have a website or app that children may use, make sure it's COPPA compliant. If you need help, get in touch today.
Also known as the Financial Modernization Act, the Gramm-Leach-Bliley Act ushered in several measures that addressed the realities of a digital, global financial market.
In addition to regulatory issues, a section of the law (15 U.S.C. Sections 6801-6809) addresses digital privacy and outlines how businesses must handle personal financial data.
Primarily, companies that collect or store users' financial information (including credit card numbers) must implement heightened security measures to ensure the data stays safe. Additionally, the bill includes various consumer reporting, notification, and opt-out requirements.
On May 25, 2018, the General Data Protection Regulation (GDPR) went into effect. Though it is a European Union measure, websites and digital platforms that allow EU and U.K. users must comply or risk a gigantic fine.
The GDPR's goal is to give users control over their data. As such, the statute requires websites to provide certain information to users upon request, in addition to a handful of collection and deletion standards.
The Health Insurance Portability and Accountability Act (HIPAA) includes a strict online privacy parameter regarding "protected health information" - a.k.a. PHI. Any company or website that collects or handles PHI is bound to the law.
What information falls under the HIPAA protection umbrella? Names; Telephone numbers / contact information; Birth, death or treatment dates, and any other dates relating to a patient's illness or care; Medical Record Information; Social Security numbers; Photographs; Voice, Facial, and Fingerprints; and any qualifying unique identifying or account number.
Are you HIPAA compliant? Check in with a legal practice with an online privacy division (like us) to make sure. We'll review your business model and offer suggestions on how to comply with HIPAA's privacy provisions and all other local, state, federal, and international digital and business law statutes.
As stated, California has the strictest online privacy laws in the country. If you meet California's online privacy bar, you should be good to go for all other states.
Primarily, the law makes privacy policies mandatory. Moreover, if platforms collect or store personally identifiable information (PII), then they must comply with specific digital privacy standards.
California companies aren't the only entities bound to CalOPPA's provisions. If your website makes money in any way — even $1 a month via advertising — and you allow California residents to access your platform, then you're subject to California's online privacy law.
Unsure if your app or website complies with CalOPPA? We'll do a legal audit and determine your path to profitable compliance.
You need an experienced, discreet attorney to ensure that your business stays compliant, while remaining as profitable as possible. We are that team. Get in touch today to begin the conversation.