Rhode Island Data Privacy: A Plain-Language Overview
No comprehensive consumer privacy law (as of 2026)
Status: No active comprehensive legislation; reliance on sector-specific laws (e.g., insurance, data breach notification).
Rhode Island does not have a single, comprehensive law regulating consumer data privacy like the GDPR or CCPA. Instead, data protection is governed by specific industry regulations, such as those for insurance, and the state's general Consumer Protection Act. Businesses are primarily required to comply with the Rhode Island Identity Theft Protection Act, which mandates data breach notifications.
Rights residents generally have
- Right to notification of a data breach
Who it generally applies to
The breach notification law applies broadly to any person or business that owns, licenses, or maintains computerized personal data about Rhode Island residents.
What this means for B2B outreach
The data breach notification requirements apply to personal information in general, including business contact data if it contains 'personal identifiers' (e.g., a Social Security Number) combined with a name. Commercial email activities fall under general federal anti-spam laws and standard business practices.
Authoritative source: Rhode Island Office of the Attorney General. Always confirm current requirements there.
Marketing that respects privacy by design
We run permission-based, compliance-minded campaigns with real opt-out handling.
Talk to us