Revisiting the Connecticut Data Privacy Act

Back in May of 2022, we wrote about Connecticut’s new data privacy law here and with 30 days to go before it’s live (July 1st, 2023), we thought it would be a good time to revisit the Connecticut Data Privacy Act. If you would like to read the full text of the act, click here. DISCLAIMER: We are not a law firm. This isn’t legal advice and is not legal opinion. Please seek out an attorney who is knowledgeable in these matters if you have questions.

In the article we wrote, we gave a very quick summary of things that are of interest. Here’s a FAQ from Attorney General for a brief rundown of the law.

Key dates

July 1st 2023. This is when the 1st part of the law goes into effect. January 1st 2025 is when the last part goes live.

Information security responsibilities

We very briefly mentioned this last time. If your organization meets the requirements where you’re mandated to comply with the law, the two things the CTDPA broadly requires you do is to limit the amount of personal data you collect about a consumer and to have controls in place to “establish, implement and maintain reasonable administrative, technical and physical data security practices to protect the confidentiality, integrity and accessibility of personal data appropriate to the volume and nature of the personal data at issue …” [Source: https://www.cga.ct.gov/2022/ACT/PA/PDF/2022PA-00015-R00SB-00006-PA.PDF ]

In short, by limiting the amount of personal data your organization collects, you are reducing the impact that a data breach has on your customers and you’re reducing the risk you’re carrying. The second part about having certain controls in place means that you should adopt a reputable cybersecurity framework to help reduce your risk. Check out our post on cybersecurity frameworks here to learn what they are.

How we help

External risk/threat assessments. Some of the things we look for are security holes in your publicly facing digital assets, data leaks, and data breaches. You’ll receive reporting of any findings and ways to get any issues under control.

With regard to cybersecurity frameworks, we help guide you through the adoption of them and take on the role of advisor, if that is the help you seek.

Reach out

To learn more about our business services, please reach out by completing the contact form below.

 

Contact Us | Bsquared Intel

Please fill out the form below, or call 203.828.0012, to learn how bsquared intel can assist you.

Name(Required)