Every Solution You Can Imagine – and More
What cybersecurity solution do you need? From Zero Trust to ADR, IAM, risk/privacy, data protection, AppSec and threat, securing digital transformation, to resiliency and remediation, we can build the right program to help solve your challenges.
A Single Partner for Everything You Need
Optiv works with more than 450 world-class security technology partners. By putting you at the center of our unmatched ecosystem of people, products, partners and programs, we accelerate business progress like no other company can.
We Are Optiv
Greatness is every team working toward a common goal. Winning in spite of cyber threats and overcoming challenges in spite of them. It’s building for a future that only you can create or simply coming home in time for dinner.
However you define greatness, Optiv is in your corner. We manage cyber risk so you can secure your full potential.
April 14, 2023
On March 28, 2023, Iowa became the sixth state to pass a modern consumer privacy law. Prior to Iowa, California, Colorado, Connecticut, Utah and Virginia also passed consumer privacy laws between the years 2020 and 2022.
Iowa’s privacy law, which goes into effect in 2025, offers consumers various privacy rights:
Iowa’s privacy law continues the trend of U.S. states adding additional layers to the patchwork of privacy legislation in place. While there is significant overlap between the requirements of each state’s privacy regulations, there are some deviations.
Notably, Iowa’s privacy law does not include a revenue threshold for applicability like California and Utah. In addition, Iowa’s privacy law does not include a right to correction like California, Colorado, Virginia and Connecticut.
Eighteen additional states currently have an active privacy bill. With momentum for state privacy legislation remaining strong, organizations must develop a comprehensive strategy to comply with current regulations, minimize the impact of future regulations and build trust with privacy-conscious consumers.
As organizations navigate the patchwork of state privacy laws, they must also remain aware of international developments.
In Europe, the European Commission released a draft adequacy decision on Dec. 13, 2022, approving the new EU-U.S. Transatlantic Data Privacy Framework. This draft adequacy decision is the first step in the EU’s adoption procedure. However, the European Parliament’s Committee on Civil Liberties, Justice and Home Affairs recommended on Feb. 14, 2023, that the European Commission reject the EU-U.S. Transatlantic Data Privacy Framework. According to the committee, the proposed framework does not fully comply with the EU’s General Data Protection Regulation (GDPR) and the Biden Administration’s executive order promising limits to surveillance activities is insufficient as it can be reversed at any time. This nonbinding draft resolution does not stop the adoption process, but the criticisms do highlight the lack of a federal U.S. privacy law.
In 2022, the American Data Privacy and Protection Act (ADPPA) was introduced within Congress to offer a comprehensive national privacy law. While it passed out of the Energy and Commerce Committee 53-2, it did not receive a vote within the House floor. Given the new session of Congress, the bill must be reintroduced to restart its legislative path in the House. A recent hearing hosted by the Energy and Commerce’s Subcommittee on Innovation, Data and Commerce addressed the proposed ADPPA.
"We were almost there," Subcommittee on Innovation, Data and Commerce Ranking Member Jan Schakowsky, D-Ill., said. "We heard the cry of the vast majority of Americans who are really tired of feeling helpless online. … I think it's time for us to roll up our sleeves and in a bipartisan way. The U.S. is far behind, and we need to catch up."
Given the passage of Iowa’s privacy law and the uncertainty of other privacy initiatives, organizations are reminded that the best approach to consumer privacy is maintaining a consolidated, rationalized set of requirements and a suite of proactive operations to address these requirements. With these components in place, organizations will have a fit-for-purpose privacy program that can handle ambiguity, overcome obstacles and safely facilitate the processing of personal data.
Optiv Security: Secure greatness.®
Optiv is the cyber advisory and solutions leader, delivering strategic and technical expertise to nearly 6,000 companies across every major industry. We partner with organizations to advise, deploy and operate complete cybersecurity programs from strategy and managed security services to risk, integration and technology solutions. With clients at the center of our unmatched ecosystem of people, products, partners and programs, we accelerate business progress like no other company can. At Optiv, we manage cyber risk so you can secure your full potential. For more information, visit www.optiv.com.
Let us know what you need, and we will have an Optiv professional contact you shortly.