Compliance
TIPA
The Tennessee Information Protection Act (TIPA) is a comprehensive data privacy law enacted to protect the personal information of Tennessee residents.
Cassie’s consent and preference management platform enables businesses to build customer trust and comply with all relevant regulations without needing to sacrifice business goals.
The Tennessee Information Protection Act (TIPA) is a comprehensive data privacy law enacted to protect the personal information of Tennessee residents.
Businesses who meet the requirements for TIPA compliance must employ a number of provisions, including implementing data privacy practices, providing clear privacy notices, and respecting consumer rights to access, correct, delete, and opt-out of the sale of their personal information.
Does your business need to comply with TIPA?
TIPA applies to for-profit businesses, whether based in Tennessee or elsewhere, that target Tennessee residents and meet the following criteria:
- Generate an annual revenue of at least $25 million; and
- Control or process the personal information of 25,000 or more consumers and derive over 50% of their gross revenue from the sale of personal information; or
- Control or process the personal information of at least 175,000 consumers in a year.
Many exemptions apply. The following types of organizations are not covered by the bill:
- Public bodies.
- Financial institutions covered by the Gramm-Leach-Bliley Act.
- Healthcare entities covered by the Health Insurance Portability and Accountability Act (HIPAA).