Privacy Laws Tennessee
TN

Tennessee Information Protection Act

TIPA

Requires both $25M revenue AND consumer threshold. Includes affirmative defense for businesses with privacy programs conforming to NIST frameworks.

Effective Date
2025-07-01
Enforcement
Attorney General
Consumer Threshold
25,000 consumers
Revenue Threshold
$25,000,000

Key Requirements

Privacy notice
Right to access, correct, delete personal data
Right to data portability
Right to opt-out of sale, targeted advertising, profiling
Data protection assessments
Consent for sensitive data
NIST framework compliance as affirmative defense

Penalties

Up to $7,500 per violation.

Cure Period

60-day cure period

E-commerce Relevance

Affirmative defense available if you maintain a NIST-conforming privacy program. Must meet both revenue AND consumer thresholds.

Back to All Privacy Laws Scan Your Site