Practical Privacy: Where do I start?

I often hear from clients that they are concerned about privacy issues, but that they don’t know where to start. This common conundrum is partially a result of the myriad of different sector specific privacy laws, overlapping state and federal privacy obligations, and constantly changing case law. One of the best places to start is to determine what is applicable to your business by asking the following questions:

1. What industry or industries does your business operate in?
2. Are you a regulated business and who is your primary regulator?
3. Does your business operate in some states, all states, or internationally?
4. Does your business have a website and/or mobile application that is utilized by individuals outside of your physical geographic region?
5. Is your business subject to contractual obligations that impose certain privacy or cybersecurity obligations?
6. Do you collect certain types of information that could be considered sensitive, such as children’s data, health data, or biometric information?

The answers to these questions will help you develop a roadmap to understanding the industry and sectoral legal requirements applicable to your business.