Privacy Compliance in the United States

Organizations have proven more adept in protecting their own confidential and sensitive data than the personal and sensitive data of customers and employees. With data available on 15 billion individuals (including duplicates) from more than 100,000 data breaches, there is no shortage of data available to fuel identity theft, financial fraud, and other malicious threats. Privacy regulations have become a key tool for regulators and governments to force organizations to pay more attention to the data collected, processed, stored, and shared on individuals—much of it gained through new ubiquitous digital channels. Privacy regulations define common standards of performance rather than leaving best practice up to individual organizations. With the emergence of new privacy regulations to complement others that have been in force for several decades, the purpose of this study was to understand how organizations in the United States are responding.