Privacy laws in the United States
Data privacy laws in the US regulate the use, collection, and disclosure of data and individuals’ rights concerning the data once it is shared.
The United States doesn’t have one comprehensive law that covers the privacy of all types of data. Instead, there are laws covering only specific types of data in special circumstances or applicable to given states.
There are a few major data privacy acts in the US:
- Health Insurance Portability and Accountability Act (HIPAA) – It regulates the use and disclosure of personal health information (PHI) by healthcare providers and health insurers.
- Gramm-Leach-Bliley Act (GLBA) – This law applies to financial institutions and obliges them to implement tight security measures for data protection.
- Children’s Online Privacy Protection Act (COPPA) – It sets an obligation for web and app providers to receive parental consent before collecting any personal data on children under 13 years old.
The law that revolutionized the approach to data privacy in the US was the California Consumer Privacy Act (CCPA), expanded with the California Privacy Rights Act (CPRA) and applicable to businesses in California. It gives consumers rights concerning their personal data and imposes certain obligations on businesses that collect or sell it.
Only a few other US states have their own data privacy laws, including:
- Utah Consumer Privacy Act (UCPA)
- Colorado Privacy Act (CPA)
- Virginia Consumer Data Protection Act (VCDPA)
- Connecticut Data Privacy Act (CDPA)
US companies operating in the EU are also obliged to adhere to GDPR.
You may also like:
Data privacy laws in the United States and how they affect your business
11 new privacy laws around the world and how they’ll affect your analytics
Data privacy breach
EU-US data privacy framework
April 24, 2024
25 years of digital analytics with Brian Clifton: From examining log files to privacy-focused analytics
From its beginning in the mid-1990s to the present day, digital analytics has undergone significant changes, shaped by technological advancements, evolving market demands, and regulatory landscapes. Join us as we delve into the history of digital analytics, led by the renowned digital analytics and privacy expert Brian Clifton. Our video series comprehensively explores our industry's history, […]
Read more
April 22, 2024
“Cookieless future” is just a buzzword – Here is all you need to know about the end of third-party cookies
Key takeaways: The “cookieless” future won’t be entirely cookieless. While major browsers are transitioning away from third-party cookies in the face of user privacy and security concerns, first-party cookies remain an integral part of the web.The demise of third-party cookies will particularly impact digital advertising practices. Advertisers and marketers need to adapt to new methods […]
Read moreOther definitions
- Page view
- Privacy by design
- Private cloud
- Product analytics
- Personal data
- Profiling
- Progressive web applications (PWA)
- Protected Health Information (PHI)
- Personally identifiable information (PII)
- Privacy Shield
- Personal Information Protection and Electronic Documents Act (PIPEDA)
- Paid marketing activities
- Predictive metrics
- Pseudonymous data
Recent posts from Piwik PRO blog
- 25 years of digital analytics with Brian Clifton: From examining log files to privacy-focused analytics
- “Cookieless future” is just a buzzword – Here is all you need to know about the end of third-party cookies
- Implement your data privacy strategy with Piwik PRO Analytics Suite
- Digital marketing analytics: The beginner’s guide to data-driven marketing success
- How you can drive growth for your business with an integrated analytics platform