Gross McGinley LLP

gross-headerimg-2
Blog Disclaimer

Blog Disclaimer

This Blog is intended for educational and informational purposes and intended to only provide you with a general understanding of the law, not to provide any legal advice, including on the subject of the Blog. Laws that may pertain to this Blog will vary by jurisdiction, and the information on this blog may not apply to you. The content within this Blog is not intended, and should not be construed, in any way to be legal advice and thus you should not rely on any information provided in the Blog as legal advice. You should consult with appropriate legal counsel concerning any issues for which legal advice may be needed. Your review or use of the Blog and the content therein is not intended to create, and does not constitute, an attorney-client relationship. Please contact us if you have any questions about a Blog or would like more information, but, by contacting us, no attorney-client relationship is formed between you and Gross McGinley, LLP, including the Blog author. Do not send any confidential information to Gross McGinley, LLP or the authors of the Blog without first speaking to one of our lawyers and receiving our permission to provide confidential information. Unsolicited confidential information sent to us may not be subject to an attorney-client privilege and may not be treated as confidential. This Blog is not published for advertising or solicitation purposes. Gross McGinley, LLP disclaims all liability to all persons for any claim, loss, liability or any damages that may arise in connection with the Blog and any content or information contained in the Blog. Even though we strive to create our Blog content based on our current understanding of the law, we cannot and do not guarantee that the content and information in the Blog is current, accurate, or complete. Gross McGinley, LLP owns the copyright in the Blog, which is protected by federal and state laws, including copyright laws. The Blog cannot be altered or modified in any way. A copy of the Blog may be used and printed only for personal, educational, informational and noncommercial purposes. The Blog cannot be used for any other purpose without the express permission of Gross McGinley, LLP.

The Rise of Data Privacy Laws

Written by: on August 28, 2019 | Category: Blog | Tags:

Technology is not slowing down and neither is its reach into the public’s data. Since the widespread use of the internet, businesses and companies have discovered the power of mining data and the importance of protecting consumers’ personal data. With the growing concern of daily data breaches, data privacy laws have been enacted on a global level and the United States is next in line to increase the implementation of its own privacy laws.

The European Union’s new General Data Protection Regulation (GDPR) went into effect May 2018. Since its activation, global companies have felt the massive economic impact of fines imposed for personal data breaches. Companies like Marriott International, Capital One, and Facebook have all been fined under the GDPR for personal data breaches. Even smaller entities are feeling the impact of these fines as they attempt to create efficiencies utilizing AI software. The GDPR has undoubtedly increased companies to take greater steps in protecting consumer’s personal data and has sparked a movement in law that regulates this vast field.

The United States took a different approach in attempting to regulate personal data. Instead of one generalized regulation, like the GDRP, the United States has individualized sector-specific laws that are enforced through state legislation. For example, The Health Insurance Portability and Accountability Act (HIPAA) regulates the health sector, The Federal Information Security Management Act (FISMA) is a federal law that requires federal agencies to safeguard personal data, The Gramm-Leach-Biley Act (GLB) protects personal information stored in financial institutions.

The issue that arises between the different legal frameworks between the EU and U.S. stems from the lack of uniformity between the countries regulations. The U.S. has multiple laws, some of which may or may not meet the standards of the GDPR. Similarly, the GDPR has been criticized as being too broad or inapplicable to certain areas. Regardless, of which framework proves to be more successful, it will inevitably continue to be an issue enforcing companies to comply with multiple standards and regulations.

Despite the novelty of data protection laws, companies are undoubtedly aware of the necessity and seem to be proactive about safeguarding consumer data.  There are sundry ways businesses of all sizes can manage their data and prevent breaches. Basic principles include:

  • Consistent and clear policies that all employees comprehend.
  • Training for all employees on policies, stressing the importance of keeping data secure.
  • Comprehensive policy management.
  • Limit access to sensitive and private data to as few employees as possible.
  • Hold employees accountable for failing to comply with company policy.

The GDPR has set the groundwork for future uniform data protection laws, whether the U.S. will implement a similar regulation or continue to increase sector specific regulations, it is important that businesses of all sizes are educated on global, national, and state-level data privacy laws in order to prevent both the financial burden and negative media attention that arises from violations of such laws. For more information about privacy laws and how to properly manage and implement policies, contact Gross McGinley at 610.820.5450.


Attorney Kara Beck is a commercial litigator, representing companies of all sizes in lawsuits including breach of contract matters, employment disputes, and other legal actions. 

Next Previous
View All Attorneys
View All Practice Areas
View Blog