Global Data Law Requirements

Global Data Privacy Laws – GDPR, CCPA and NY Data Shield

Global Data Privacy Laws

The data professionals at HewardMills provide high-quality regulatory advice to help clients comply with a range of global data regulations.

Despite the General Data Protection Regulation (GDPR) being a European law, it has far-reaching territorial scope. Any business in the world that processes EU personal data is caught by the Regulation.

The California Consumer Privacy Act (CCPA) comes into effect on 1 January 2020 and requires businesses, wherever they are situated, to comply where they process personal data of Californian residents.

New York’s Stop Hacks and Improve Electronic Data Security Act (SHIELD Act) was enacted on 25 July 2019. It significantly amends the state’s data breach notification law and, in addition to other factors, includes references to HIPAA (see below). The Act applies to any business, regardless of where it is situated, that processes personal data of New York citizens.

The US Health Insurance Portability and Accountability Act (HIPAA) sets the standard for protecting sensitive patient data. Any company that deals with protected health information (PHI) must ensure that all required physical, network and process security measures are in place and followed. HIPAA violations are expensive, with individual penalties for non-compliance ranging from $100-$50,000 with a maximum of $1.5m per year.

We are a multi-disciplinary team of data protection practitioners, lawyers, corporate governance and cyber security experts, with a wealth of knowledge delivering data protection excellence and trust to you and your organisation.

If you would like to learn more about how HewardMills helps organisations handle and process data safely, securely and responsibly in line with international policies and regulations, please get in touch via telephone (+44 (0) 20 3367 1245 or +353 (0) 1669 4642), or email dpo@hewardmills.com today.

Let’s work together

Contact us
