Digital Policy Alert logo

United States of America: Act amending Kentucky Revised Statutes on data privacy including cybersecurity regulation was signed into law by Governor of Kentucky

Policy overview

Description

Act amending Kentucky Revised Statutes on data privacy including cybersecurity regulation was signed into law by Governor of Kentucky

On 13 April 2026, the Governor of Kentucky signed the Act amending Kentucky Revised Statutes on data privacy (HB 692) into law. The Act amends KRS 367.3617 to require controllers to establish, implement, and maintain reasonable administrative, technical, and physical data security practices to protect the confidentiality, integrity, and accessibility of personal data. The data security practices must be appropriate to the volume and nature of the personal data at issue. The Act will take effect on 1 July 2027.

Original source

Scope

Policy Area
Data governance
Policy Instrument
Cybersecurity regulation
Regulated Economic Activity
technological consumer goods
Implementation Level
subnational
Government Branch
executive
Government Body
central government

Complete timeline of this policy change

Hide details
2026-02-23
under deliberation

On 23 February 2026, the Bill amending Kentucky Revised Statutes on data privacy (HB 692) was intro…

2026-03-13
under deliberation

On 13 March 2026, the Kentucky House of Representatives passed the Bill amending Kentucky Revised S…

2026-03-31
adopted

On 31 March 2026, the Kentucky Senate passed the Bill amending Kentucky Revised Statutes on data pr…

2026-04-13
adopted

On 13 April 2026, the Governor of Kentucky signed the Act amending Kentucky Revised Statutes on dat…

2027-07-01
in force

On 1 July 2027, the Act amending Kentucky Revised Statutes on data privacy (HB 692) enters into for…