The Information Accountability Foundation wrote a blog outlining the unique requirements for data protection assessments under the Colorado Privacy Act. When Colorado regulations take force in July, covered entities must conduct assessments with first-of-their-kind obligations, according to IAF's analysis of assessment provisions in other domestic or global jurisdictions. IAF plans to launch "The Colorado Project," which will work to form a Colorado assessment template that considers "the breadth of parties to be considered and a description of what significant risk might entail."
Complying with Colorado's data protection assessment requirements
Related stories
A View from DC: California enforcement shows the continued importance of consumer expectations
Notes from the IAPP Canada: A look at the latest data governance happenings in Ontario
Why the increase in business representatives in the EU?
Notes from the Asia-Pacific region: Basking in the glow of digital innovation
A view from Brussels: When 'P' stands for payments
