While GDPR applies to all countries in the European Union, there is not a similar comprehensive mandate in the United States. In the US, organizations are subject to a variety of compliance mandates that depend on industry, location, and other factors. Some states have released their own guidelines, adding to the compliance considerations for companies serving customers in those states. Two state initiatives currently in place are the California Consumer Privacy Act (CCPA) and the New York State “Stop Hacks and Improve Electronic Data Security Act” (SHIELD Act).
Read this paper for a comparison of GDPR, CCPA, and NY SHIELD Act, and also to learn about how BeyondTrust privileged access management solutions can help support your compliance initiatives.