On behalf of Sayer Regan & Thayer of Sayer Regan & Thayer, LLP posted on Wednesday, June 15, 2022.

Data privacy is a big thing for businesses today. How do you know your small business is compliant? Compliance with data privacy laws help both you and your customers and clients in many ways. But first off, what are data privacy laws?

Unfortunately, there is no one-size-fits-all federal law that governs data privacy in this country. Instead, there’s a complex patchwork of laws governing specific sectors, addressing industries like telecommunications, health information, marketing, credit information, and financial institutions. There are also many data privacy and security laws that vary by state, overseen by U.S. state attorneys general. Such laws govern the collection, storage, disposal, safeguarding, and use of personal data.

As you can imagine, staying on top of ever-changing privacy laws can be overwhelming, confusing and risky for businesses. That’s why you need a business lawyer on your side that specializes in data privacy issues.

By 2023, Gartner predicts that two-thirds of the world’s population will be protected by data privacy laws. At this time, Europeans are protected by the GDPR and Americans are protected by various state laws.

What Data Privacy Laws Require of Businesses

Even though there are many data privacy laws in place today, some being crafted as we speak, most require businesses to do the following, or at least some version of them:

• Provide an explanation to customers about how their data will be used.
• Upon request, delete customer data.
• Ensure the security of customer data.
• Allow customers to easily opt out of communications (email, text, etc.).

State laws can also define which businesses have to comply with these laws. As a side note, there is no comprehensive privacy law in Rhode Island, but the right to privacy is covered under Rhode Island statute. Other states, like California, Colorado, Virginia and Utah have robust and comprehensive consumer data privacy laws on their books.


Criteria that is used to determine whether a particular business must comply with data privacy laws include:

• Location of customers (state)
• Whether a business receives money from customers’ data, or how much of the business’ revenue is earned from selling data
• The number of customer records a business has
• Total revenue of a business

For many businesses, the problem in complying with data privacy laws is not based on a fear their business would take a hit by following the laws but lies in the fact that many still do not have a clear way of knowing the answers to these questions and thus the data privacy laws they must adhere to.

It can be downright impossible to comply with data privacy laws if you don’t have a firm handle on your consumer data. This is yet another good reason to hire a business lawyer to review your track record and let you know if you are indeed in compliance with data privacy laws.

Contact Sayer Regan & Thayer

We help you protect what you’ve built, and that includes safeguarding your business against compliance issues with data privacy laws. Get your free, no-obligation consultation when you contact our business lawyers at 866-378-5836.

These materials have been prepared by SRT for informational purposes only and are not intended and should not be construed as legal advice.