Securiti Ranked #1 DSPM Vendor by GigaOm
ViewLearn how you can leverage Securiti’s Data Command Center to address data security, privacy, governance, and compliance.
See a demo
On March 6, 2024, Governor Chris Sununu signed Senate Bill 255, making New Hampshire the 14th U.S. state to enact a comprehensive privacy law, the New Hampshire Data Privacy Act (NHDPA). It became the second state in 2024 to pass such a law, following New Jersey.
The NHDPA applies to businesses operating in the state or targeting products and services to New Hampshire residents if they meet one of two conditions in a given year: they control or process the personal data of at least 35,000 consumers (excluding data used solely for payment transactions), or they control or process the personal data of at least 10,000 consumers and derive more than 25% of their gross revenue from selling personal data.
The NHDPA is modeled after other state privacy laws, like those in Colorado and California, and grants consumers rights over their personal data, including its collection, processing, and sale. The state's Attorney General will enforce the law with a 60-day violation cure period. It takes effect on January 1, 2025. From January 01, 2025, a cure period must be provided at the attorney general’s discretion while considering several factors, including the number of violations, nature of processing activities, and size and complexity of the controller or processor.
Securiti enables organizations to comply with New Hampshire Data Privacy Act (NHDPA) through AI-driven PI data discovery, DSR automation, documented accountability, enhanced visibility into data processing activities, and AI-driven process automation.
Securiti supports enterprises' journey toward compliance with New Hampshire Data Privacy Act (NHDPA) through automation, enhanced data visibility, and identity linking.
NHDPA Provisions
Use our collaborative, multi-regulation, readiness assessment system to measure your organization's posture against NHDPA requirements, identify gaps, and address compliance risks.
NHDPA Provisions
Automate compliance with NHDPA using Securiti common controls and tests.
Section(s): 507-H:6(III)
Automatically update and refresh your privacy policies and notices. Build and publish a privacy notice with pre-built templates, in compliance with the NHDPA.
Section(s): 507-H:6(I)(b), 507-H:6(I)(d), 507-H:6(I)(f), 507-H:6(I)(g)
Monitor consent for various data processing activities via the central dashboard. Track consent revocation to prevent the processing or transfer of data without consent.
Section(s): 507-H:6(I)(b), 507-H:6(I)(d), 507-H:6(I)(f), 507-H:6(I)(g)
Scan websites to classify cookies, deploy customized consent collection points, and link consent to user identities and personal data categories collected from end points.
Section(s): 507-H:1(IV), 507-H:1(XX), 507-H:1(IXXVIII)
Discover personal data and sensitive data stored across all systems within the organization and link it to unique data subjects. Visualize personal data sprawl and identify compliance risks.
Section(s): 507-H:6(III), 507-H:6(I)(a), 507-H:6(I)(b)
Trace data flow across your systems, catalog data collection and transfer, and document business process flows internally and to the processors.
Section(s): 507-H:4
Create customized web forms and accept verified DSR requests. Automate the initiation of the access, correction, deletion, portability and opt-out request fulfillment workflows in compliance with the NHDPA.
Section(s): 507-H:7(I)(b), N.H. Rev. Stat. § 359-C:20
Track and manage potential incidents and data breaches with automated notification guidance based on global regulatory requirements.
Section(s): 507-H:8(I), 507-H:8(II)
Initiate Data Protection Assessments (DPAs) using compliance templates, invite stakeholders to contribute and review responses, track progress in real-time, and share approved assessments with third parties.
Section(s): 507-H:7(II)(e)
You can track privacy and security readiness from a single interface for all your service providers. You can also collaborate instantly with processors and manage all processor agreements and compliance documents.
Section(s): 507-H:6(c)
Discover and auto-remediate security misconfigurations in SaaS and IaaS data systems using a library of rules based on vendor recommendations, industry standards, and best practices.
Controllers must obtain consumer consent before collecting or processing additional personal data or using already collected data for purposes beyond those initially communicated or deemed reasonably necessary.
Controllers must obtain consumer consent before processing sensitive data or using personal data for purposes beyond what was initially communicated or deemed necessary.
Controllers must provide consumers with a reasonably clear and easily accessible privacy notice.
Controllers must implement technical, administrative, and organizational security measures to protect personal data from unauthorized access.
Controllers must conduct data protection assessments for activities posing heightened risks, such as targeted advertising, data sales, sensitive data processing, and profiling that may lead to harm or deceptive treatment of consumers.
The NHDPA gives consumers the right to access, correct, delete, opt-out and data portability.
The Attorney General’s Office of New Hampshire (AG) has the exclusive authority to enforce the provisions of the NHDPA.
At Securiti, our mission is to enable organizations to safely harness the incredible power of Data & AI.
Copyright © 2025 Securiti · Sitemap · XML Sitemap
info@securiti.ai
Securiti, Inc.
300 Santana Row
Suite 450
San Jose, CA 95128
