Ask Reggi Your Question Now
Can you summarize SB 21-190?
Senate Bills > Protect Personal Data Privacy; Concerning additional protection of data relating to personal privacy.
Short Summary
The Colorado Privacy Act is introduced to provide additional protection for data relating to personal privacy. It applies to controllers conducting business in Colorado or intentionally targeting residents of Colorado. The Act grants consumers the right to access, correct, and delete personal data, as well as the right to opt out of the processing of personal data for targeted advertising, sale of personal data, and profiling. There are exemptions for certain types of data, such as protected health information, employment records, and data regulated by federal laws like HIPAA and the Gramm-Leach-Bliley Act. The Act does not specify penalties for non-compliance. Overall, the Act aims to empower consumers and ensure responsible data handling by companies.
Whom does it apply to?
Controllers that conduct business in Colorado or produce/deliver commercial products/services intentionally targeted to residents of Colorado
What does it govern?
Additional protection of data relating to personal privacy
What are exemptions?
Protected health information, health-care information, patient identifying information, identifiable private information, information and documents created by a covered entity for purposes of complying with HIPAA, patient safety work product, information protected by an evidentiary privilege under Colorado law, information protected speech under applicable law, data maintained for employment records purposes, data maintained by an air carrier, data maintained by a national securities association, customer data maintained by a public utility or authority, data maintained by a state institution of higher education, the state, the judicial department of the state, or a county, city and county, or municipality for noncommercial purposes, information used and disclosed in compliance with 45 CFR 164.512, and data processed by a financial institution or affiliate subject to the Gramm-Leach-Bliley Act
What are the Penalties?
Not specified in the provided document
Jurisdiction
Colorado