Changes in Colorado Data Breach Laws in Effect

Date: September 12, 2018

NFIB members urged to acquaint themselves with requirements

NFIB members and other small-business owners should make themselves aware of the changes in Colorado’s consumer data privacy laws that took effect September 1.

This web posting from Attorney General Cynthia Coffman’s has the details.

Key Takeaways:

“Who is impacted by the changes to Colorado’s consumer data privacy laws?

“Any person, commercial entity, or governmental entity that maintains, owns, or licenses personal identifying information (“PII”) of Colorado residents in the course of its business, vocation, or occupation.

“What does the new law say about disposal of PII?

“If you maintain, own, or license PII, in paper or electronic form, you are required to develop and implement a written policy to ensure that the PII is destroyed when it is no longer needed.  Private persons and entities should refer to C.R.S. § 6-1-713.  Governmental entities should refer to C.R.S. § 24-73-101

“What is PII?

“PII includes social security numbers; personal identification numbers; passwords; pass codes; official state or government-issued driver’s license or identification card numbers; government passport numbers; biometric data; employer, student, or military identification numbers; and financial transaction devices, including financial account numbers.”

[Graphic courtesy of the attorney general’s office]

Subscribe For Free News And Tips

Enter your email to get FREE small business insights. Learn more

Get to know NFIB

NFIB is a member-driven organization advocating on behalf of small and independent businesses nationwide.

Learn More

Or call us today

© 2001 - 2022 National Federation of Independent Business. All Rights Reserved. Terms and Conditions | Privacy