Question 1

What is the NIS2 Directive?

Accepted Answer

The NIS2 Directive (EU 2022/2555) strengthens cybersecurity across essential and important entities — energy, transport, health, finance, digital infrastructure. Member states had until October 17, 2024 to transpose it. Entities must implement risk management, incident reporting, and supply chain security measures.

Question 2

When does DORA apply?

Accepted Answer

The Digital Operational Resilience Act (DORA) applies from January 17, 2025 to all EU financial entities — banks, insurers, investment firms, payment providers, crypto-asset service providers. It requires ICT risk management, incident reporting, digital operational resilience testing, and third-party risk management.

Question 3

Which US states have privacy laws?

Accepted Answer

As of 2026, 20+ US states have comprehensive privacy laws: California (CCPA/CPRA), Virginia (VCDPA), Colorado (CPA), Connecticut (CTDPA), Utah (UCPA), Iowa, Indiana, Tennessee, Montana, Oregon, Texas, Delaware, New Hampshire, New Jersey, Nebraska, Minnesota, Maryland, and more. Most follow the 'opt-out' model for sales/targeted advertising.

Question 4

What is NIS2 and how does it affect my organization?

Accepted Answer

NIS2 is the EU Network and Information Security Directive 2, expanding cybersecurity obligations to 18 sectors. It requires incident reporting within 24 hours, supply chain security, and risk management. anonym.legal's 108 compliance presets include NIS2-specific configurations.

Question 5

Does the tool generate compliance audit evidence?

Accepted Answer

Yes. Every anonymization produces a timestamped audit log with entity counts, methods applied, and processing metadata. Export as JSON or PDF for ISO 27001 audits, GDPR Article 30 records, and HIPAA documentation.

Question 6

Can I track multiple compliance frameworks simultaneously?

Accepted Answer

Yes. 108 compliance presets covering GDPR, HIPAA, SOX, PCI DSS, CCPA/CPRA, LGPD, APPI, PIPA, KVKK, PDPA, UK GDPR, NIS2, and EU AI Act. Apply multiple frameworks per document and generate cross-framework reports.

Deadline	Regulation	Jurisdiction	Impact	Status
Apr 1, 2026	CFPB Safeguards Rule	United States	Financial institutions	URGENT
Apr 22, 2026	COPPA Rule Update	United States	Children's online privacy	URGENT
Jun 30, 2026	Colorado AI Act	United States (Colorado)	High-risk AI systems	URGENT
Aug 1, 2026	CA Data Right of Privacy	United States (California)	Consumer privacy rights	CRITICAL
Aug 2, 2026	EU AI Act Enforcement	European Union	AI high-risk ban	CRITICAL
Dec 31, 2026	Annual Audits (ISO/SOC2)	Global	Certification renewal	PLANNING

Never Miss a Compliance Deadline Again

2026 Compliance Calendar

Detailed Deadline Information

EU AI Act — August 2, 2026

CFPB Safeguards Rule — April 1, 2026

COPPA Rule Update — April 22, 2026

Colorado AI Act — June 30, 2026

See Compliance Automation

Download Your Compliance Calendar

Frequently Asked Questions