Data privacy is an ever-evolving area of concern for any industry that handles personal data, and this is especially important for those industries that handle individuals’ financial data. Data privacy experts Ryan Cabrita of The Gulotta Grabiner Law Group and Greg Szewczyk of national law firm Ballard Spahr are set to discuss some of the big up-and-coming topics at this year’s National Settlement Services Summit (NS3) in St. Louis.
Staying prepared, Cabrita noted, is the best action a business can take right now, as more states are adopting or enhancing their data privacy laws.
“Nearly every state has adopted or is considering adopting a data privacy law in some capacity. While there are commonalities amongst all, each one carries its own nuances,” Cabrita said. “Furthermore, the terminology in each law may not directly match other adaptations. Even if the state you are doing business in has not adopted a comprehensive privacy law, it is critical to stay ahead of the game to ease the burden of when it inevitably arrives in your state.”
Szewczyk added that businesses also need to be prepared for regulatory actions or litigation relating to data privacy.
“Regulators and litigants are particularly active on a broad range of issues in the privacy and data security fields, and their focus is not limited to big tech,” Szewczyk said. “Indeed, we increasingly see class actions, trolling settlement demands, and enforcement actions targeting real estate and financial services companies.”
Their upcoming session at NS3 intends to give attendees an overview of state privacy laws as well as highlights and trends in data privacy litigation that are relevant to the real estate and settlement services industry.
“The topic of data privacy laws is extensive,” Cabrita said. “Our goal is to provide an overview of state privacy laws to demonstrate that compliance is manageable…. We also need to examine the data we share with vendors. Vendor management is a critical area of concern. While you may believe you are exempt or partially exempt from a state privacy law, your vendors may not be.”
Szewczyk will also focus on “the current trends that represent the highest risks for enforcement and litigation for the attending industries, ranging from common analytical cookies used on many websites to vendor management.”
Through the session, Cabrita and Szewczyk hope attendees understand that, though data privacy laws may be complex, early action makes compliance more easily managed.
“Data privacy laws are complicated, but they are manageable provided a fundamental understanding is developed early. To minimize the impact, it is essential to ask the right questions and involve the right people.”
“With relatively small efforts, companies can significantly mitigate risks while still accomplishing their business objectives,” Szewczyk said. “But to do so, they need to involve the right teams early.”
For more information on the 2023 NS3, including the agenda and a list of speakers for all three days, click here. You can register for NS3 here.