. https://www.trustarc.com/blog/2019/04/18/managing-privacy-compliance-in-the-cloud/
blog article
The number and complexity of regulations addressing data privacy continues to increase significantly. Companies offering cloud-based services must comply with these regulations or risk losing business due to customer trust issues and/or potential fines and other legal action. Compliance with regulations like the GDPR and CCPA requires companies to address a wide range of items, including privacy assessments, cookie consent, and data subject access requests. The digitization of data has inevitably led to a myriad of data privacy laws that span the globe. These regulations all need to be considered when doing business in the respective countries/regions to which the rules apply. Below is just a sampling of data privacy regulations that have been introduced in recent years: The General Data Protection Regulation (GDPR), which took effect in 2018 across the European Economic Area (EEA). All 50 U.S. states now have data breach notification laws. The California Consumer Privacy Act (CCPA) has been passed, and at least five (5) other U.S. state laws related to data security and data disposal, including in Washington State, New York and Rhode Island, are progressing through the legislative process. READ MORE