go again. At a time when many U.S. businesses are still chasing GDPR compliance
(Europe’s far-reaching data privacy regulation enacted last May), they soon may
also be subject to similarly intentioned legislation emerging from California.
Signed into law by Governor Jerry Brown last June, the CCPA or California
Consumer Privacy Act, will take effect on January 1, 2020.
Like the GDPR does for EU residents, the new law aims to give Golden State
consumers greater control over how companies collect, handle and share their
personal information. As CMS Wire,
reports, the effects on all American companies, located inside or outside
California, will be extensive and game-changing.
legislators are setting the stage for a fundamental realignment of how
companies doing business in the state, and by extension, the whole U.S.,
interact with customer data.” Provided they meet certain revenue and
record-processing criteria, the new law may apply to any for-profit entity that
does business in California and collects personal data of its residents.
Businesses found non-compliant face civil penalties of up to $2500 per
violation and $7500 per intentional violation. If you haven’t begun discussing
the CCPA with your Managed Services Provider or in-house IT team, now is the
time to start. Prudent steps will include: mapping what data you collect and
where it’s stored; reviewing current usage disclosures, privacy policies and
consent forms; and ramping up your data governance program. Call us to learn