Data Protection — United States
Data Protection skills for United States (imported from open sources; see each skill's author_url for provenance).
Skills
United States
·
data-protection
Data Breach Notification Letter
Drafts legally compliant data breach notification letters to affected consumers under multi-state and federal statutes (HIPAA, GLBA, state AG require…
United States
·
data-protection
BYOD Policy
Drafts a Bring Your Own Device (BYOD) policy for U.S. employers governing personal device access to company systems. Covers MDM enrollment, encryptio…
United States
·
data-protection
CCPA/CPRA Compliance Advisor
California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA) compliance advisor — business threshold analysis, consumer rights ful…
United States
·
data-protection
CCPA/CPRA Compliance
Complete CCPA/CPRA compliance implementation covering California Civil Code §1798.100-199. Includes consumer rights framework, business obligations, …
United States
·
data-protection
CCPA/CPRA Privacy Expert
CCPA and CPRA privacy compliance automation. Audits organizations for California privacy law compliance, maps personal information flows, validates c…
United States
·
data-protection
CCPA/CPRA Privacy Policy
Drafts a CCPA/CPRA-compliant privacy policy covering all required statutory disclosures under Cal. Civil Code §§ 1798.100–1798.199. Use when drafting…
United States
·
data-protection
CCPA/CPRA Right to Delete
Implements CCPA Section 1798.105 right to delete and CPRA amendments including service provider obligations, statutory exceptions for legal, security…
United States
·
data-protection
Colorado Privacy Act (CPA) Compliance
Colorado Privacy Act (CPA) compliance implementation. Covers universal opt-out mechanism required since July 2024, profiling opt-out rights, sensitiv…
United States
·
data-protection
Consumer Breach Notification Letter
Drafts U.S. consumer-facing data breach notification letters compliant with state statutes. Use when a security incident involving personal informati…
United States
·
data-protection
COPPA Compliance — Children's Online Privacy Protection Act
Implements Children's Online Privacy Protection Act (COPPA) compliance under 16 CFR Part 312. Covers verifiable parental consent methods including si…
United States
·
data-protection
Consumer Data Breach Notification Letter
Drafts U.S. consumer data breach notification letters satisfying multi-state breach-notice content rules and sector regimes (HIPAA, GLBA, PCI). Produ…
United States
·
data-protection
Data Retention and Destruction Policy
Drafts a law firm Data Retention and Destruction Policy covering practice-area retention schedules, secure destruction procedures, legal hold protoco…
United States
·
data-protection
Implementing Global Privacy Control (GPC)
Implementation guide for Global Privacy Control (GPC) automated opt-out signal per CPRA Section 1798.135(e). Covers Sec-GPC HTTP header detection, Ja…
United States
·
data-protection
Incident Response Plan and Playbook
Drafts incident response plans and playbooks for legal organizations, adapting NIST SP 800-61 to law firm contexts including privilege preservation, …
United States
·
data-protection
Incident Response Plan and Playbook
Drafts incident response plans and scenario playbooks for U.S. legal organizations, aligning NIST SP 800-61 Rev. 2 phases with ABA Model Rules 1.1/1.…
United States
·
data-protection
Iowa Consumer Data Protection Act (ICDPA)
Iowa Consumer Data Protection Act (ICDPA) compliance. Effective January 1, 2025. Covers consumer rights (access, delete, opt-out), controller thresho…
United States
·
data-protection
Kentucky Consumer Privacy Protection Act (KPPA)
Kentucky Consumer Privacy Protection Act (KPPA) compliance. Effective January 1, 2026. Covers consumer rights, controller thresholds at 100,000 consu…
United States
·
data-protection
Montana Consumer Data Privacy Act (MTDPA)
Montana Consumer Data Privacy Act (MTDPA) compliance. Lowest consumer threshold at 50,000 consumers. Covers sensitive data consent, universal opt-out…
United States
·
data-protection
New Jersey Data Privacy Act (NJDPA)
New Jersey Data Privacy Act (NJDPA) compliance, effective January 15, 2025. Covers consumer rights (access, correction, deletion, portability, opt-ou…
United States
·
data-protection
NYDFS Expert
NYDFS 23 NYCRR 500 expert for financial services. Deep knowledge of New York Department of Financial Services cybersecurity requirements including al…
United States
·
data-protection
Oregon Consumer Privacy Act (OCPA)
Oregon Consumer Privacy Act (OCPA) compliance. Unique provisions for de-identified data requirements, employee data partial exemption, nonprofit appl…
United States
·
data-protection
SOC 2 Type II Privacy Trust Services Criteria
Guides SOC 2 Type II Privacy Trust Services Criteria preparation and audit execution. Covers AICPA TSP Section 100 Privacy criteria P1-P8 including n…
United States
·
data-protection
State Privacy Law Applicability Assessment
US state privacy law applicability assessment tool. Evaluates revenue thresholds, data volume thresholds, business exemptions (GLBA, HIPAA, nonprofit…
United States
·
data-protection
Texas Data Privacy and Security Act (TDPSA)
Texas Data Privacy and Security Act (TDPSA) compliance. No revenue threshold applies to all businesses. Covers data broker registration requirements,…
United States
·
data-protection
Universal Opt-Out Mechanism Implementation
Universal opt-out mechanism implementation across US state privacy laws. Covers Global Privacy Control (GPC) signal technical implementation, state-b…
United States
·
data-protection
California Consumer Privacy Act / California Privacy Rights Act Expert
California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA) expert. Deep knowledge of California Civil Code §1798.100 et seq., CP…
United States
·
data-protection
US Federal Privacy Landscape
Maps the US federal privacy landscape including sectoral laws (HIPAA, GLBA, FERPA, COPPA, FCRA, ECPA, VPPA), FTC Section 5 enforcement, proposed fede…
United States
·
data-protection
Virginia Consumer Data Protection Act (VCDPA)
Virginia Consumer Data Protection Act (VCDPA) compliance implementation. Covers 5 consumer rights, controller obligations, processor requirements, op…
United States
·
data-protection
Written Information Security Program (WISP)
Drafts a Written Information Security Program compliant with Massachusetts 201 CMR 17.00 and supplementary frameworks (GDPR, CCPA, HIPAA, GLBA, PCI-D…