Every Solution You Can Imagine – and More
What cybersecurity solution do you need? From Zero Trust to ADR, IAM, risk/privacy, data protection, AppSec and threat, securing digital transformation, to resiliency and remediation, we can build the right program to help solve your challenges.
A Single Partner for Everything You Need
Optiv works with more than 400 world-class security technology partners. By putting you at the center of our unmatched ecosystem of people, products, partners and programs, we accelerate business progress like no other company can.
We Are Optiv
Greatness is every team working toward a common goal. Winning in spite of cyber threats and overcoming challenges in spite of them. It’s building for a future that only you can create or simply coming home in time for dinner.
However you define greatness, Optiv is in your corner. We manage cyber risk so you can secure your full potential.
July 1, 2022
On Friday, June 3, 2022, Congress released a discussion draft of the American Data Privacy and Protection Act (ADPPA). Far from the first federal privacy bill, the bipartisan approach and compromises reflected in the draft have garnered attention at this stage.
arly analysis concludes the ADPPA is a new model for privacy law. While key concepts carryover, it’s not a retread of General Data Protection Regulation (GDPR), nor existing consumer-driven state laws from California, Connecticut, Colorado, Utah and Virginia.
There are four titles to the draft act: Duty of Loyalty, Consumer Data Rights, Corporate Accountability and Enforcement, Applicability, and Miscellaneous.
Under Title I – Duty of Loyalty, the draft outlines expectations for the principles of data minimization, restrictions on processing (loyalty duties), privacy by design and loyalty to individuals with respect to pricing.
Title II – Consumer Data Rights provides for:
Consent and Object
Title III – Corporate Accountability – under this section, entities considered large data holders will be subject to broader requirements intended to ensure compliance and increase transparency:
Finally, Title IV outlines Enforcement, Applicability and Miscellaneous provisions. Highlights include:
The ADPPA shall preempt state privacy laws with the exception of the Illinois Biometric Information Privacy Act and Genetic Information Privacy Act, Section 1798.150 of the California Civil Code (security provisions of CPRA) and other laws that solely address facial recognition, unsolicited marketing, health information and/or confidentiality of library records. Nor does the proposal change obligations of a covered entity under the Children’s Privacy Protection Act of 1998 (COPPA).
The bill will progress according to standard congressional process. As there’s sure to be debate and edits to the current draft, it’s unlikely the bill will pass before the end of the current congressional session. Whether this bill or another, a federal privacy law will eventually unite the patchwork of U.S. privacy legislation under a cohesive, comprehensive consumer data protection law.
As federal and state privacy legislation continues to be debated, there are several steps companies can take to position themselves well for the future:
If you have questions about this draft legislation and how it might affect your organization, please drop us a line.
Optiv Security: Secure greatness.™
Optiv is the cyber advisory and solutions leader, delivering strategic and technical expertise to nearly 6,000 companies across every major industry. We partner with organizations to advise, deploy and operate complete cybersecurity programs from strategy and managed security services to risk, integration and technology solutions. With clients at the center of our unmatched ecosystem of people, products, partners and programs, we accelerate business progress like no other company can. At Optiv, we manage cyber risk so you can secure your full potential. For more information, visit www.optiv.com.
Let us know what you need, and we will have an Optiv professional contact you shortly.