Speaker 1: Know this list like your livelihood depends on it, because it might. Data drives every business, but the very data that enables business success can be extremely sensitive. Not only can unethical data handling cost a business in fines, productivity, and reputation, but it can put their customers and employees at risk. That's where data privacy legislation comes in. Data protection and privacy laws have been developed worldwide to govern how data is collected, processed, stored, and used. Here, we'll go over what we think are the most important data privacy regulations businesses and consumers need to be aware of. For a deeper dive, check out our dedicated security site by clicking the link above or in the description below. And subscribe to Ion Tech for more videos on all things business tech. Arguably the most significant international data privacy law is the General Data Protection Regulation, or GDPR. It went into effect in 2018 to keep businesses more transparent and give individuals more privacy rights. Although it's an EU regulation, it applies to any organization that collects the data of an EU citizen, regardless of where the business is based. So it's best to ensure compliance, no matter where you operate out of. While the U.S. doesn't yet have a national data privacy law, there are several statutes that address privacy issues. You've probably heard of it before. HIPAA, or the Health Insurance Portability and Accountability Act, has many purposes, among them to safeguard patient health and medical information. The Privacy Act of 1974 established practices to govern the collection, processing, management, dissemination, and destruction of personally identifiable information, or PII, like names, addresses, biometrics, email, social security numbers, etc. The Graham-Leach-Bliley Act concerns how financial institutions deal with PII. The Children's Online Privacy Protection Act aims to protect children under 13 using the Internet by requiring parental consent to collect personal information. As a bonus, there's currently another act in progress, the Kids Online Safety Act, that may impose stricter regulations about online content to children 17 and under. The Fair Credit Reporting Act, or FCRA, limits what information can be used to determine an individual's eligibility for credit, employment, or insurance. Your email inbox can thank the Can Spam Act. It sets rules for what businesses can email you and requires an opt-out option. The Family Educational Rights and Privacy Act lets students revise their records for accuracy and prohibits sharing student PII without consent. On top of those national regulations, states and even cities can enact their own local legislation. At the time of this video, eight U.S. states have privacy laws, and that will grow to 15 by 2026. Most notable, however, is the CCPA. The California Consumer Privacy Act intends to give California residents control over their personal information, specifying that they can ask businesses what information they collect, why, and from where. Like GDPR, CCPA applies to all organizations that do business with California residents, regardless of where the businesses are headquartered. Consumers are more and more concerned with privacy, and data is growing at near immeasurable rates. So, if your team handles data, you need to know these laws. What other privacy-related regulations should businesses know about? Share your thoughts in the comments, and remember to like and subscribe too.