LISTEN NOW: Evolution of Data Controls in the Era of Generative AI

View

New Mexico: An Overview of Data Protection & Data Privacy Law

Publicada julio 29, 2024

Contributors

Anas Baig

Product Marketing Manager at Securiti

Usman Tariq

Data Privacy Analyst at Securiti

CIPP/US

Data protection laws are built to empower individuals to take better control of their data. These laws further provide individuals with clear privacy rights. Globally, regulatory bodies are recognizing the need for comprehensive data privacy laws. In fact, most countries have either proposed bills or have already established laws.

However, not every country or state in the US has a comprehensive privacy regulation in place. The state of New Mexico is also one such region that has yet to enact a comprehensive law. Although the state has a Privacy Protection Act, it is limited to protecting individuals’ social security numbers. Now, the question remains: What must businesses do in the absence of a comprehensive privacy bill or law?

The following guide aims to inform businesses about the current state of privacy laws in New Mexico and clarify how to ensure compliance.

Current State of Privacy Laws in New Mexico

Privacy Protection Act

The law is applicable to commercial businesses that sell, lease, or intend to sell or lease products or services to consumers. The definition further includes an agent of a business or an agent of a non-profit organization that promotes services to that organization.

The Privacy Act prohibits businesses from requiring customers to provide their social security number as a condition to lease or purchase a product or service. Businesses may only acquire or use a social security number if the consumer consents to its acquisition or use. The law requires businesses to develop internal policies for the protection of consumers’ social security numbers, such as limiting access to the social security number to authorized individuals only or holding personnel responsible for releasing the information to an unauthorized person.

The act further provides a comprehensive set of provisions restricting businesses from using social security numbers in certain situations. For instance, businesses cannot make social security numbers available to the public, require their use over the Internet without a secure connection, or refuse to transact business because of the refusal to provide the number.

Apart from the Privacy Protection Act, New Mexico further has a Data Breach Notification law. The law dictates organizations notify the concerned regulatory authorities and impacted individuals regarding the security breach. It further governs businesses to remove any personally identifiable information (PII) if it has served its business purpose and is no longer needed. Businesses must also implement robust security measures appropriate to the nature of the PII to protect it against unauthorized access, abuse, or destruction of data.

Despite the absence of a comprehensive privacy law, businesses operating in the state of New Mexico must familiarize themselves with any sectoral and federal regulations. Non-compliance with those regulations may result in legal consequences.

Compartir

Suscríbase a nuestro boletín

Obtenga toda la información más reciente, actualizaciones de leyes y más en su bandeja de entrada

Videos

Spotlight Talks

Spotlight 1:10:56

Cómo Prepararse y Actuar Positivamente ante la Ley 81

Cómo Prepararse yActuar Positivamente ante la Ley 81
Ver ahora View

Latest

The ROI of Safe Enterprise AI View More

The ROI of Safe Enterprise AI: A Business Leader’s Guide

The fundamental truth of today’s competitive landscape is that businesses harnessing data through AI will outperform those that don’t. Especially with 90% of enterprise...

View More

Accelerating Safe Enterprise AI: Securiti’s Gencore AI with Databricks and Anthropic Claude

Securiti AI collaborates with the largest firms in the world who are racing to adopt and deploy safe generative AI systems, leveraging their own...

View More

What are Data Security Controls & Its Types

Learn what are data security controls, the types of data security controls, best practices for implementing them, and how Securiti can help.

View More

What is cloud Security? – Definition

Discover the ins and outs of cloud security, what it is, how it works, risks and challenges, benefits, tips to secure the cloud, and...

View More

2025 Privacy Law Updates: Key Developments You Need to Know

Download the whitepaper to discover privacy law updates in 2025 and the key developments you need to know. Learn how Securiti helps ensure swift...

View More

Verifiable Parental Consent Requirements Under Global Privacy Laws

Download the whitepaper to learn about verifiable parental consent requirements under global privacy laws and simplify your compliance journey.

Navigating Kenya’s Data Protection Act View More

Navigating Kenya’s Data Protection Act: What Organizations Need To Know

Download the infographic to discover key details about navigating Kenya’s Data Protection Act and simplify your compliance journey.

India’s Telecom Security & Privacy Regulations View More

India’s Telecom Security & Privacy Regulations: A High-Level Overview

Download the infographic to gain a high-level overview of India’s telecom security and privacy regulations. Learn how Securiti helps ensure swift compliance.

Gencore AI and Amazon Bedrock View More

Building Enterprise-Grade AI with Gencore AI and Amazon Bedrock

Learn how to build secure enterprise AI copilots with Amazon Bedrock models, protect AI interactions with LLM Firewalls, and apply OWASP Top 10 LLM...

DSPM Vendor Due Diligence View More

DSPM Vendor Due Diligence

DSPM’s Buyer Guide ebook is designed to help CISOs and their teams ask the right questions and consider the right capabilities when looking for...

What's
New