Data Privacy Laws: How Does Oregon Protect Your Information?
In the Pacific Northwest lies the cozy beachside towns, stunning Cascade Mountains, and lush wine country of the beautiful state of Oregon. The Beaver State is also known for being proactive in protecting citizens’ private information.
Federal Laws
Though the US does not yet have a comprehensive federal consumer data protection law that covers all varieties of private data, it does have several federal laws that protect specific data sets, such as:
- The US Privacy Act of 1974
- The Health Insurance Portability and accountability Act (HIPAA), which aims to alter the transfer of healthcare information, stipulating guidelines by which personally identifiable information (PHI) should be protected from fraud and theft.
- The Children’s Online Privacy Protection Rule (COPPA) which applies to the online collection of personal information by persons or entities under US jurisdiction about children under 13 years of age.
- The Gramm-Leach-Bliley Act (GLBA) requiring financial institutions that offer consumers financial products or services to explain their information-sharing practices to their customers and to safeguard sensitive data.
State Laws
In addition to these federal laws, the state of Oregon also aims to protect your information with the following state laws:
1. Oregon Consumer Identity Theft Protection Act (OCITPA)
This law protects against identity theft and requires businesses to implement reasonable safeguards for personal information. Companies are mandated to take reasonable steps to protect personal information from unauthorized access, use, or disclosure.
2. Oregon’s Online Privacy Protection (OCPA)
These laws focus on protecting online privacy. Under the OCPA, Oregonians gain important rights over their personal information. Consumer rights include:
-
- Right to Know: Consumers can get a list of the specific entities that received their personal data.
- Right to Correction: Consumers can edit any inaccuracies in the data about them.
- Right to Deletion: Consumers can delete the data a business has about them.
- Right to Opt-Out: Consumers can say no to a business selling, profiling or otherwise using their data for targeted advertising.
- Right to Data Portability: Consumers can get a copy of the personal and sensitive data a business has about them.
- Sensitive Data Protections: Consumers have heightened (“opt in” consent) protections when personal data reveals racial or ethnic background, national origin, religious beliefs, mental or physical condition or diagnosis, sexual orientation, status as transgender or nonbinary, crime victim status, or citizenship or immigration status; genetic or biometric data; and precise geolocation data.
- Special Protections for Youth: In addition to the federal COPPA law, Oregon implements a “Youth Privacy Protection Act” that imposes certain requirements on operators of websites or online services directed to children under 13 years of age, and on operators of other websites or online services that have actual knowledge that they are collecting personal information online from a child under 13 years of age.
3. Oregon’s Data Breach Notification Law
The state requires businesses to notify individuals if their personal information is compromised in a data breach. Affected individuals must be informed within a reasonable timeframe (usually 45 days) and provide details about the breach, including the type of information involved and steps individuals can take to protect themselves.
4. Oregon’s Privacy Laws for Public Records (ORS 192)
The accessibility of public records and the personal data within those records must remain protected, particularly Social Security numbers and financial details.
DataSafe takes the protection of your business and personal information seriously with secure and compliant shredding and destruction. Our NAID AAA Certified shredding guarantees secure information protection followed up with a Certificate of Destruction. If you’re looking to protect your information with on-site mobile, off-site plant-based or one-time shredding, give us a call at 503-620-3423 or complete the form on this page.
Get Your Quote
"*" indicates required fields