US Privacy Laws Broad Picture 1 of 2

US Privacy Laws Broad Categories Copyright Douglas Knehr -1 of 2

Click on the above link for a condensed view of my deep research and expertise in US Privacy Laws covering the following areas:

Risk of using personal information improperly
Legal risks
Operational risks
Terms
Understanding laws
Notice which serves two purposes
Access to view personal information held by organization
Choice
Regulatory authorities
FTC has the general authority to enforce unfair and deceptive trade practices
FCC –
Federal banking regulatory agencies
Self-regulation
Department of Health and Human Services
Department of Homeland Security
Dept Commerce and DOT share enforcement for safe harbor between US and EU
Sources of law in the United States
United States Constitution
Legislation
Regulation rules
Case law
Consent decree
Contract law requiring offer acceptance consideration
Tort law
Structure of US Laws
Types of litigation
Enforcement of laws
New Hampshire Breach notification law
Who is covered
Types info covered
exact requirements
what's required
who enforces
what happens if I don’t comply
why does law exist
Medical privacy laws: HIPAA and GINA
Health Insurance Portability and Accountability Act of 1996 (HIPAA), which was updated by the Health Information Technology for Economic and Clinical Health Act of 2009 (HITECH)
HIPAA
HITECH: Health Information Technology for Economic and Clinical Health
Genetic Information Nondiscrimination Act of 2008 (GINA)
Financial privacy
Fair Credit Reporting Act (FCRA)
Fair and Accurate Credit Transactions Act (FACTA) of 2003
GLBA: Gramm-Leach-Bliley Act of 1999
California SB-1, the California financial information privacy
Anti Money Laundering Laws
Dodd-Frank Wall Street Reform and Consumer Protection Act of 2010
Consumer Financial Protection Bureau (CFPB)
Education records
Family Educational Rights and Privacy Act of 1974 (FERPA) (Buckley Amendment)
Protection of Pupil Rights Amendment act 1970 (PPRA)
When a student turns 18, the student, rather than the parent, is the person in control of rights connected to education records, including grades

Telecommunication and marketing privacy laws
Communication channels
Information collected by telecommunication companies
Information security and data breach notification laws
Privacy statutes about online activities
COPPA: Children's Online Privacy Protection Act of 1998
California Online Privacy Protection Act of 2003
Telecommunications and marketing laws continued
Information management program to create policies and procedures for following departments
Direct marketing
Human resources
International data flows and proper contracts
Publishing online privacy notices once data is collected
Steps to building information management privacy program
Data sharing and transfer
Privacy policies and disclosure (internal, to communicate internally within the corporation)
Training
Managing user preferences and access requests
Data Retention
Incident Response
Contract and vendor management
Data Preference & Access
Self-regulation
Payment Card Industry Data Security Standard (PCI DSS)
Digital Advertising Alliance (DAA), which uses an icon program
Uses third-party privacy seal and certification programs such as
Preemption Issues
Federal Preemption is based on
FACTA preempts stricter state laws
State law can preempt GLBA
State AGs can enforce HIPAA and GLBA
HIPAA
State Enforcement of privacy laws
Each state has a section comparable to Section 5 of the FTC Act, commonly known as unfair and deceptive acts and practices, or UDAP, statutes
State Public Utilities commissions
Private rights of action Privacy Torts
Contract theory
Review the National Association of Attorneys General consumer protection project
Federal regulators and enforcement of privacy
X other federal agencies to consider
Workplace privacy
Telemarketing and marketing privacy
Education privacy
Financial privacy: Gramm-Leach-Bliley Act
Medical privacy
FTC
Future consumer privacy Bill of Rights from the White House report
Cross-border enforcement issues