Last Updated: November 21, 2025
Laws Overview
| Regulation | Focus |
|---|---|
GDPR
|
EU data subjects + data transfer rules |
CCPA
|
California opt-outs + access rights |
HIPAA
|
US healthcare PHI safeguards |
Checklist
Data inventory
Track where personal data lives
Consent log
Record when and why users consent
Breach plan
Notify regulators within window
Tips
Minimize data retention, encrypt in transit + at rest, and DPIA when launching new services.
💡 Pro Tip:
Map data flows, appoint a privacy lead, and document consent baselines.