Session Abstract: Threats to data are coming from all angles, including theft, improper collection and retention, and nefarious uses. This results in massive privacy and security concerns for consumers, industry, and national security, along with a compliance nightmare for practitioners. A patchwork of state, sectoral, and international frameworks have emerged to address this. However, the United States still does not have a comprehensive law. The current status and ways forward for United States data privacy and security legislation will be presented, including the cybersecurity and national security nexus, why practitioners need to care, and lessons to learn from other frameworks.Summary: Privacy and security are not separate issues. While others have acted on data privacy and security laws, there is still not a United States solution. This presentation will explore the current status and path forward for such a law.Additional Information: