Certified - CIPP/US Audio Course

Trailer

Episode 97 — Cross-Domain Comparison: Federal, State, and International Overlaps

The final episode ties everything together by comparing U.S. federal privacy laws, state-level frameworks, and international regimes like the GDPR. We’ll highlight how similar principles—such as data subject rights, acco

Episode 96 — Recent Changes: Pennsylvania SB 696 and Utah S.B. 127

State privacy laws continue to evolve. This episode reviews recent changes, such as Pennsylvania SB 696, which updated breach notification requirements, and Utah S.B. 127, which amended cybersecurity provisions. These ex

Episode 95 — State Variations: Comparing Notification Timelines and Duties

Even within the common framework of breach notification, state differences matter. This episode compares notification timelines, which can range from “without unreasonable delay” to fixed deadlines like 30 or 45 days. We

Episode 94 — Breach Notification: Definitions, Triggers, and Scope

State breach notification laws form one of the most uniform yet varied areas of privacy law. This episode reviews the common elements—definitions of personal information, what constitutes a breach, and when notification

Episode 93 — Enforcement Mechanics: Cure Periods and Penalties

Enforcement provisions determine how state privacy laws are applied in practice. This episode explains cure periods, which give businesses time to fix violations before penalties are imposed, and how these provisions dif

Episode 92 — Other State Acts: Emerging Comprehensive Privacy Laws

Beyond California, Virginia, and Colorado, many states are adopting or considering comprehensive privacy laws. This episode surveys these developments, highlighting features of statutes in states like Connecticut, Utah,

Episode 91 — Colorado Privacy Act: Rights, Duties, and Insurance Bias Provisions

Colorado’s Privacy Act builds on the momentum from California and Virginia, offering a comprehensive framework with unique twists. This episode reviews its applicability standards, consumer rights, and controller/process

Episode 90 — Virginia CDPA: Consumer Data Protection Act Essentials

Virginia’s Consumer Data Protection Act (CDPA) established one of the first comprehensive state privacy frameworks outside California. This episode reviews its applicability thresholds, consumer rights, and obligations f

Episode 89 — California Delete Act: Data Broker Registration and Rights

The California Delete Act introduces obligations for data brokers, requiring them to register and enabling consumers to request deletion of their data from all registered brokers at once. This episode explores the mechan

Episode 88 — California AADC: Age-Appropriate Design Code Protections

Children’s privacy receives special attention in California’s Age-Appropriate Design Code Act (AADC). This episode explains its requirements for online services likely to be accessed by minors, including risk assessments

Episode 87 — California CCPA/CPRA: Comprehensive Consumer Privacy Framework

California remains the leader in state privacy law. This episode reviews the California Consumer Privacy Act (CCPA) and its amendment through the California Privacy Rights Act (CPRA). We’ll explore applicability threshol

Episode 86 — AI Bias and ADM: NAIC AIS Guidelines, NYC AEDT, and State Rules

Automated decision-making (ADM) and artificial intelligence raise fairness and discrimination concerns. This episode introduces the NAIC Artificial Intelligence Governance Guidelines, New York City’s Automated Employment

Episode 85 — Biometric Privacy: IL BIPA, WA, TX, and Related Statutes

Biometric privacy laws impose strict requirements on collecting and using data such as fingerprints, facial recognition, and iris scans. This episode covers the Illinois Biometric Information Privacy Act (BIPA), which re

Episode 84 — Cookies and Tracking: Online Privacy Regulations

State laws increasingly regulate cookies, pixels, and online tracking. This episode explains how transparency, consent, and opt-out obligations apply to digital advertising technologies. We’ll discuss requirements for co

Episode 83 — Health Data Rules: WA MHMD, NV Health Data Act, and IL GIPA

Beyond HIPAA, states have introduced new health data privacy statutes. This episode explores Washington’s My Health My Data Act (MHMD), Nevada’s Consumer Health Data Privacy Act, and Illinois’ Genetic Information Privacy

Episode 82 — State Security Requirements: Common Controls Across Jurisdictions

Most state privacy laws include explicit security requirements. This episode reviews common obligations such as implementing reasonable safeguards, risk-based controls, encryption, and access restrictions. While states v

Episode 81 — Data Protection Agreements: Contracts and Assessments

Contracts are central to ensuring compliance with state privacy laws. This episode explains how data protection agreements define the obligations between controllers and processors, including rules for data use, security

Episode 80 — Privacy Notices: Transparency and Consumer Disclosures

Transparency is a cornerstone of state privacy laws. This episode covers the requirements for privacy notices, including disclosures about data collection, use, sharing, and consumer rights. We’ll examine layered notices

Episode 79 — Data Subject Rights: Access, Deletion, Portability, and Consent

State laws grant individuals a suite of rights over their personal data. This episode explains the rights to access, correct, delete, and port data, as well as opt-out and consent requirements. We’ll highlight how these