Colorado: Personal data privacy bill signed into law by Governor
Senate Bill ('SB') 21-190 for an Act concerning additional protection of data relating to personal privacy was signed, on 7 July 2021, by the Colorado State Governor. In particular, SB 21-190 provides several privacy rights, including the right to opt-out of the processing of personal data, as well the right to access, correct, or delete personal data, or to obtain a portable copy of the data. Furthermore, SB 21-190 imposes obligations on data controllers such as transparency, purpose specification, data minimisation, non-discrimination, and the use of sensitive data, among others. In addition, SB 21-190 requires that controllers conduct assessments when processing personal data in activities that present a heightened risk to consumers and assigns enforcement powers to the Attorney General and district attorneys.
Moreover, SB 21-190 will go into effect on 1 July 2023.
Join OneTrust DataGuidance for a webinar discussing the details of the new Colorado Privacy Law (CPA), the implications for organizations and their obligations under the law, and measures to consider to comply with the new law.
- The nature of the new Colorado Privacy Act (CPA) and how it will impact organizations
- How the CPA compares to other US Privacy Laws, like the CCPA and CDPA
- How this law impacts organizations and the steps they should take to ensure compliance