This month, Massachusetts Attorney Maura Healey announced the creation of a new data privacy and security division to protect consumers and police businesses’ use of personal data. The division will be headed by Sarah Cable, who has headed the AG’s cybersecurity and data privacy protection efforts since 2016, and won an $18.2 million settlement following the 2017 Equifax data breach.
The move is just one of many state-led initiatives to crack down on data privacy violations:
Coupled with legislative efforts such as the CCPA and New York’s Shield ACT, such initiatives show a growing awareness and determination from local officials to take data privacy into their own hands. That creates challenges for companies that need to navigate overlapping and frequently changing regulatory landscapes — and makes it all the more important to streamline your internal data handling procedures, so your data-governance teams can focus their energy on developing procedures and guidelines that will ensure compliance and help you avoid regulatory pitfalls in the months and years to come.