California Labor &
Employment Law Blog
Employers Urged To Revisit Existing Privacy Policies Following Executive Order Mandating Protection Of Sensitive Personal Data 
Mar 5, 2024

Employers Urged To Revisit Existing Privacy Policies Following Executive Order Mandating Protection Of Sensitive Personal Data 

Topics: Legal Information, Personnel Policies and Procedures, Privacy

President Biden issued an Executive Order on February 28, 2024 to prevent access to U.S. Citizens’ sensitive personal data and U.S government-related data by countries of concern. This executive order targets data brokers that sell U.S. citizens’ sensitive personal data to entities located in or affiliated with “countries of concern.” 

Countries of concern include Iran, North Korea, Russia, China, Cuba, and Venezuela. Sensitive personal data includes genomic data, biometric data, personal health data, geolocation data, financial data, and other types of personally identifiable information. Government-related data includes data linked or linkable to categories of U.S. government personnel and data that could be used to identify U.S. government personnel. 

The Executive Order further states that the Department of Justice will work with the Department of Homeland Security to set high-security standards to prevent countries of concern from accessing sensitive personal data. 

This new Executive Order will affect businesses across different industries, domestic and abroad. Businesses with an international presence that have dealings with “countries of concern” should review their privacy policies to ensure compliance. Currently, no comprehensive federal privacy law is in place, so this executive order is another legal obligation to be added to various existing privacy laws, including California’s privacy laws.  

For employers that do not believe they have an international presence, reasonable due diligence should still be performed to determine whether third parties with access to employee/consumer data have international ties such that sensitive personal data may be transferred to “countries of concern.”  

Covered California employers should already have privacy policies in place to comply with CCPA/CPRA. Further modifications to existing privacy policies may be necessary in light of this new executive order.
CDF’s Privacy Practice Group will continue to monitor the latest developments related to the CCPA, the CPRA, and the Agency’s enforcement actions. Please contact a member of CDF's Privacy Practice Group (Dan Forman, Dalia Khatib, or Linda Wang) to discuss compliance with any government investigation or questions about the CCPA & CPRA. Our Privacy Practice Group is available to assist employers with policies, notices, and general compliance.

About CDF

For over 25 years, CDF has distinguished itself as one of the top employment, labor and immigration firms in California, representing employers in single-plaintiff and class action lawsuits and advising employers on related legal compliance and risk avoidance. We cover the state, with five locations from Sacramento to San Diego.

> visit primary site

About the Editor in Chief

Sacramento Office Managing Partner and Chair of CDF’s Traditional Labor Law Practice Group. Mark has been practicing labor and employment law in California for thirty years. His practice has a special emphasis on the representation of California employers in union-management relations and handling federal and state court litigation and administrative matters triggered by all types of employment-related disputes. He is also adept at providing creative and practical legal advice to help minimize the risks inherent in employing workers in California. He recently named “Sacramento Lawyer of the Year” in Employment Law-Management for 2021 by Best Lawyers®.
> Full Bio   > Email   Call 916.361.0991

CDF Labor Law LLP © 2024

Editorial Board About CDF What We Do Contact Us Attorney Advertising Disclaimer Privacy Policy Cookie Policy