On 29 March 2023, Iowa became the sixth state to pass a comprehensive data privacy law (in line behind Connecticut, Utah, Virginia, Colorado, and California). The Iowa Consumer Data Protection Act (‘ICDPA’) will go into effect on 1 January 2025. While there are some familiar elements to other state laws that came before it (the law is most similar to that enacted recently in Utah) – there is still a lot that you need to do!
What are the key things for business to focus on if they are already CCPA compliant or compliant with another state privacy program? What about for businesses who are not yet compliant with any state-specific privacy regulations?
Odia Kagan and Melanie Notari, from Fox Rothschild LLP, provide an overview of some of the ICDPA’s provisions and take a look at what needs to considered in order to comply with the law.
Read their article on OneTrust Data Guidance.