What is common with CCPA, SHIELD, LGPD, DPB and GDPR?

The world is rushing to secure one expensive currency in recent times, the Data. With its value across verticals, data has become the next deciding factor for businesses to operate across multiple geographical locations successfully.

Need for data protection laws

Considering the importance of the data, most organizations do collect, process, store and delete them as per their business requirements, however certain organizations are yet to make it a habit and develop that into their privacy policy.

Extreme leveraging of the collected data is being displayed by certain fortune 500 companies and considering cases like that and for the welfare of the privacy countries and states have composed their own data protection laws that will help individuals to achieve and sustain their privacy over personal data. 

Data Protection Laws for 2020

On May 25, 2018 General Data Protection Regulation(GDPR) making EU organizations to become compliant with this data protection law. This law alone brought tremendous changes across organizations in redefining their data management routines and procedures.

Now in 2020, more such data protection laws will be practiced in different regions, for example, California Consumer Privacy Act (CCPA) for California State, Stop Hacks and Improve Electronic Data (SHIELD) act for New York, Lei Geral de Proteao de Dados (LGPD) for Brazil and Data Protection Bill (DPB) for India.

Each of these laws will come with their own set of articles and norms that need to be understood by the businesses for implementing the same effectively. Though there are a substantial amount of differences and uniqueness among them their main objective is to safeguard personal data. 

What does CCPA, SHIELD, LGPD, DPB and GDPR have in common?

All these data protection laws are focused in securing personal data of the end users/residents/citizens, and to do that strong norms have to be defined along with huge penalties. One common attribute among them is increasing privacy and imposing penalties. Any breach of these laws may affect the finance and brand reputation of the business but it does not hinder the regular operations. 

The common highlights are, 

1. Protect personal data.
2. Makes businesses implement robust cybersecurity practices.
3. Follow strict access policies.
4. Inflict penalties in case of non-compliance.
5. Timeline and process for reporting a data breach.
6. Consent for data collection.
7. Data lifecycle management blue print.
8. Applies to any business that serves the data protection law region.

How to become compliant with all these data protection laws simultaneously

Identify the business’s key area of interest and then formulate data management strategies with the privacy team, after formulating try preaching the teams and employees regarding data security framework, employ strong data management tools, allocate dedicated professionals for data security management, i.e Data Protection Officer (DPO), keep your systems and process updated.