Kaus Phaltankar, co-founder and CEO of Caveonix, said several U.S. states are implementing data privacy laws to protect sensitive information from being compromised and businesses need to take into consideration a number of measures to ensure compliance with such regulations.
Companies looking to comply with data privacy laws should have a better understanding of the regulations and remediation scope, assess the potential impact of such laws on business operations, consider cross-state implications of the regulations and establish data privacy practices, Phaltankar wrote in an article published Friday on Security Magazine.
He offered information on data protection laws in Connecticut, Virginia, Colorado, Utah and California and penalties associated with failing to comply with such regulations.
The Consumer Data Protection Act in Virginia took effect in January and comes with penalties per violation of up to $7,000 for non-compliant organizations.
To avoid paying fines, Phaltankar urged businesses to secure consent and prioritize transparent data practices, field a unified platform for continuous monitoring, conduct regular risk assessments and audits and establish a framework and implement controls.
He also called on companies to educate employees on security, privacy and compliance requirements, verify compliance by supporting investigations and audits and validate processes and document procedures.