Skip to content
Secure Smarter — Solutions for Modern Threats

From AI-driven SecOps to cloud security automation, Foresite delivers fully managed and scalable security solutions tailored for enterprise, hybrid, and multi-cloud environments.

Why Foresite — Security Excellence, Your Way

From our Adaptive Security Model to our Google Cloud Premier SecOps Partnership, we combine deep expertise, purpose-built technology, and customer-first flexibility.

Google Cloud Security — delivered by Foresite,
Premier SecOps Partner

Combine Google’s native security power with Foresite’s expert-driven, AI-powered operations to secure your cloud and unlock business growth.

Foresite - Google Cloud SecOps Delivery Partner Badge
What requirements of new privacy law do you need to know?
Tracy FoxJuly 20, 20212 min read

What requirements of new privacy law do you need to know?

What requirements of new privacy law do you need to know?
3:23

The recent Colorado Privacy Act (ColoPA) does not differ much from Virginia and California’s acts, but there are some distinctions to be aware of.

 

  ColoPA VCDPA CCPA
Thresholds to Applicability Conduct business in CO or produce products or services targeted to CO and (a) control or process personal data of at least 100,000 consumers; or (b) derive revenue or receive a discount on the price of goods or service from selling personal data or controls personal data of at least 25,000 consumers Conduct business in or produce products or services targeted to VA and (a) control or process personal data of at least 100,000 consumers; or (b) derive over 50% of gross revenue from the sale of personal data and process or control personal data of at least 25,000 consumers Conduct business in CA and collect personal information of CA residents and: (a) has $25 million or more in annual revenue for preceding  calendar year as of Jan. 1 of calendar year; (b) annually buys, sells, or shares personal data of more than 100,000 consumers or households; or (c) earns more than 50% of its annual revenue from selling or sharing consumer personal information
Consent Requires opt-in consent for processing sensitive personal data, including children’s data, and certain secondary processing Requires opt-in consent for processing sensitive personal data, and COPPA-compliant consent for processing children’s data Requires opt-in consent for sharing PI for cross-context behavioral advertising for children under 16, including parental consent for children under 13
Opt-Out Required for targeted advertising, sales, and profiling for legal or similarly significant effects Required for targeted advertising, sales, and profiling for legal or similarly significant effects Required for profiling, cross-contextual advertising, and sale; right to limit use and disclosure of sensitive personal information
Other Consumer Rights Access, Deletion, Correction, Portability Access, Deletion, Correction, Portability Access, Deletion, Correction, Portability
Authorized Agents Permitted for opt-out requests N/A Permitted for all requests
Appeals Must create process for consumers to appeal refusal to act on consumer rights Must create process for consumers to appeal refusal to act on consumer rights N/A
Private Cause of Action No No Yes, related to security breaches
Cure Period? 60 days until provision expires on Jan. 1, 2025 30 days No
Data Protection Assessments Required for targeted advertising, sale, sensitive data, certain profiling Required for targeted advertising, sale, sensitive data, certain profiling Annual cybersecurity audit and risk assessment requirements to be determined through regulations

 

Given the significant overlap among the three privacy laws, companies subject to ColoPA should be able to leverage VCDPA and CCPA implementation efforts for ColoPA compliance. If ColoPA is any example, other state privacy efforts may not veer too far from the paths VCDPA and CCPA have forged.

Foresite can help with an assessment of how you or your clients are meeting your applicable privacy requirements.

ForesiteApril 11, 20242 min read

Navigating Florida’s Cybersecurity Immunity Act: What You Need to Know

The protection of sensitive data is paramount with the increasing frequency and sophistication of cyber threats. Organizations ...
Start Reading
ForesiteSeptember 8, 20171 min read

Avoid Being the Next Equifax – Learn From Their Recent Breach

The Equifax breach just hit the news last week, and already a class action suit has been proposed, seeking $70 billion dollars ...
Start Reading
Tracy FoxNovember 27, 20183 min read

New Opinion From The American Bar Association On Cyber Responsibility

Cyber ‘It’s not an if, it’s a when’ the renewed importance of incident response for lawyers and law firms in light of new ...
Start Reading