NFIB members urged to acquaint themselves with requirements
NFIB members and other small-business owners should make themselves aware of the changes in Colorado’s consumer data privacy laws that took effect September 1.
This web posting from Attorney General Cynthia Coffman’s has the details.
Key Takeaways:
“Who is impacted by the changes to Colorado’s consumer data privacy laws?
“Any person, commercial entity, or governmental entity that maintains, owns, or licenses personal identifying information (“PII”) of Colorado residents in the course of its business, vocation, or occupation.
“What does the new law say about disposal of PII?
“If you maintain, own, or license PII, in paper or electronic form, you are required to develop and implement a written policy to ensure that the PII is destroyed when it is no longer needed. Private persons and entities should refer to C.R.S. § 6-1-713. Governmental entities should refer to C.R.S. § 24-73-101.
“What is PII?
“PII includes social security numbers; personal identification numbers; passwords; pass codes; official state or government-issued driver’s license or identification card numbers; government passport numbers; biometric data; employer, student, or military identification numbers; and financial transaction devices, including financial account numbers.”
[Graphic courtesy of the attorney general’s office]
