The Iowa Consumer Data Privacy Act (ICDPA) is a data privacy law designed to safeguard the personal data of Iowa residents. Effective from January 1, 2025, the ICDPA establishes specific rights for individuals and obligations for businesses concerning data collection, processing, and protection.
The ICDPA applies to:
- Businesses operating in Iowa or targeting goods or services to Iowa residents.
- Entities that control or process the personal data of at least 50,000 Iowa residents annually or
- Businesses that derive significant revenue from the sale of personal data and process data of at least 25,000 Iowa residents.
ICDPA Guidelines
Under the ICDPA, Iowa residents are granted the following rights:
- Access: The right to access their personal data held by businesses.
- Correction: The right to request corrections to inaccuracies in their personal data.
- Deletion: The right to request deletion of their personal data.
- Data Portability: The right to obtain a copy of their personal data in a format that is structured and commonly used, suitable for transfer to another entity.
- Opt-Out: The right to opt out of the sale of their personal data, as well as its use for targeted advertising and profiling.
Businesses that meet ICDPA eligibility criteria must:
How Finite State Helps You Comply with ICDPA
Finite State can complement your data protection efforts by strengthening your data security capabilities, particularly by:
- Enforcing Secure Coding Practices: Seamless integrations into existing CI/CD pipelines automatically analyze source code and compiled binaries for common security vulnerabilities and coding errors. This allows engineers to identify vulnerabilities hidden deep within legacy code and third-party libraries and detect and address issues early in the development process.
- Real-Time Threat Detection: Integrations with vulnerability databases provide up-to-date information on the latest threats and exploits, allowing for the proactive identification of potential risks before they can be exploited.
- Automate Vulnerability Identification: Using our advanced binary and source code SCA, vulnerabilities can be identified as they’re introduced across the SDLC to help teams keep applications secure.
- Comprehensive SBOM Solutions: Automatically generate Software Bill of Materials throughout the SDLC and easily compile detailed information on all components in your products, including open-source libraries, third-party dependencies, and custom code to improve transparency and identify potential security risks in your software supply chain.
Strong cybersecurity requires a collective effort. Talk to the team today to discover how Finite State can help you comply with ICDPA.