DRJ Fall 2019

Conference & Exhibit

Attend The #1 BC/DR Event!

Summer Journal

Volume 32, Issue 2

Full Contents Now Available!

Tuesday, 30 April 2019 14:52

5 Steps to Prepare for California’s Consumer Privacy Act

Cavirin‘s Anupam Sahai discusses the factors that determine whether the CCPA impacts an organization, what the requirements are if so and what action you can take to prepare for it.

Just when you thought you had a handle on GDPR, businesses have a new legislation to worry about: the California Consumer Privacy Act (CCPA). The CCPA stipulates that California residents should have greater access to and control over personal information held by businesses. In particular, the law seems targeted to online social media firms (e.g., Facebook) that have been reckless with their users’ personal information over the past few years. With the number of data breaches to date, are we really that surprised that something like this is coming into effect?

CCPA will become effective on January 1, 2020, but will not be enforced until six months afterward. However, the new law enshrines a few fundamental rights for consumers to access the information that companies hold on them and to control what is collected, stored and shared within the previous 12-months. So, come July 1, 2020, if a company has collected personal information from January 1, 2019 onward, the consumer has the right to find out exactly what data a business has collected, they can opt out from the company selling their data and they have the right to ask for their data to be deleted – or, as the GDPR regulation puts it, the right to be forgotten.