New State Privacy Impact Assessment (PIA/DPIA) Requirements - Now in Force

When the page turned on 2024, eight new U.S. state privacy laws went into effect, or are poised to do so by midsummer of this year. Seven of these – Delaware, Maryland, Minnesota, Nebraska, New Hampshire, New Jersey, and Tennessee— will all require businesses to complete data protection (aka privacy impact) assessments for processing activities that present a heightened risk of harm, including the processing of sensitive information. While the baseline of all these new requirements is similar to existing state privacy laws, nuances exist, and privacy compliance teams should pay careful attention to the specific elements of each law while crafting policies and developing procedures.

Join us for this practical discussion with legal and operational privacy experts to learn what you should be doing now to prepare for these obligations.

Ample time will be reserved for audience questions.