Resources

Free tools and guides for
privacy-aware businesses.

Practical, plain-language resources on US privacy law. No legal degree required.

Data Privacy Laws Database

US Data Privacy Laws. All 50 States

An interactive map and full reference table of all active and proposed US state privacy laws, with thresholds, opt-out rights, and effective dates. Updated monthly.

View the Map →

Free Download

2026 North Privacy
Roadmap

A practical guide to understanding which US privacy laws apply to your business, and where to start.

  • Why 2026 enforcement is different, real fines, real companies
  • The 5 things every SMB must get right first
  • All 20+ active state laws in a single reference table
  • A 90-day action roadmap. Month 1, 2, and 3

No spam. Your information is never sold.

What's inside

An 8-page guide covering the full US privacy law landscape, written for business owners, not lawyers. Includes a state-by-state reference table and a prioritized 90-day action plan.

8-page PDF · Free · No expiry

Not sure where your business stands?

Take the free Privacy Readiness Assessment. Ten minutes, 20 questions, and you will know which laws apply to you, your risk tier, and what to prioritize first.

Take the free assessment →

Healthcare Practice Guides

Plain-English
HIPAA Guides.

Three plain-English guides written for small healthcare practice owners. Two are instant downloads; the OCR investigation timeline is sent straight to your inbox.

Guide · PDFSent to your inbox

The First 72 Hours of an OCR Investigation

What actually happens when an HHS OCR letter arrives. The timeline, the documentation OCR asks for first (Risk Analysis under 45 CFR 164.308), and the specific moves to make in hours 0, 24, and 72. For practice owners who want to know what to do before the letter ever shows up.

Free. We email it to you and add you to the monthly briefing. Unsubscribe anytime.

Sales Briefing · PDF3-page download

Top 5 Objections to a HIPAA Risk Analysis

Honest answers to the five pushbacks small healthcare practice owners give when weighing whether to do a real Risk Analysis. Includes the 2026 OCR enforcement numbers, how compliance software differs from a documented analysis, and why a 2-year-old analysis is not enough.

Download PDF →
Guide · PDF2-page download

What OCR Actually Checks in a HIPAA Risk Analysis

The four things an OCR investigator looks for in your Risk Analysis, the five documents to have ready before a letter arrives, and the 2026 penalty numbers. A plain-English reference for small practice owners.

Download PDF →

Quick Reads

Explainers on
Privacy Law.

Clear answers to the questions business owners actually ask. No jargon, no hedging.

Guide5 min read

CCPA vs CPRA: What Actually Changed

California's CPRA significantly expanded the original CCPA. Here is what changed and what it means for your business.

Read more →
Checklist4 min read

The SMB Privacy Compliance Checklist

Ten foundational privacy items every small business should have in place, before worrying about anything else.

Read more →
Explainer4 min read

What Is a Data Processing Agreement?

If a vendor processes personal data on your behalf, you may be legally required to have a DPA. Here is what it covers.

Read more →
Guide5 min read

Consumer Rights: What Businesses Must Do

State privacy laws give consumers rights over their data. Here is what you need in place to honor those requests legally.

Read more →
Explainer4 min read

Do I Need a Cookie Consent Banner?

The answer depends on your traffic, tracking practices, and which states you serve. Here is how to figure it out.

Read more →
Playbook6 min read

Data Breach Response: The First 72 Hours

What to do, in order, in the first 72 hours after discovering a data breach. Before the clock runs out.

Read more →

Ready to Move from
Reading to Doing?

Book a 30-minute discovery call, no pitch, no pressure. Just a clear look at where your business stands.

Book a Discovery Call