On June 28, 2018, the California State Assembly and Senate passed the California Consumer Privacy Act of 2018 (CCPA), or Assembly Bill 375 (AB 375). Effective on January 1, 2020, the bill will impose new privacy obligations on certain businesses that collect personal information of consumers in California. At present, the bill is intended to provide those residents with the following rights:
- Know what personal data is being collected about them
- Know whether their personal data is sold or disclosed and to whom
- Say no to the sale of personal data
- Access their personal data
- Request a business delete any personal information about a consumer collected from that consumer
- Not be discriminated against for exercising their privacy rights
The impact CCPA will have is still unclear, primarily because the state legislature fast-tracked the bill in order to defeat a stricter privacy initiative which was on the table. As a result, the bill currently contains a lot of vague and confusing language that – if not challenged in a court of law – will likely prompt various business interest groups to lobby for some changes before it goes into effect. In any event, the bill could have profound effects on doing business in California (and other states that may emulate the law).
To be prepared, we recommend that you follow these steps to ensure that your organization is ready:
1 | Discover | Understand what CCPA is and the rights it provides consumers in California. |
2 | Identify | Determine whether your organization meets the eligibility threshold and what the requirements are for making your privacy programs comply with the law. |
3 | Assess | Determine whether your current privacy and compliance policies align with the new CCPA requirements – or if not, what needs to change in order to become compliant. |
4 | Prioritize | Evaluate and prioritize your implementation steps accordingly. |
5 | Implement | Implement any needed changes to your privacy programs and consider tools to simplify your compliance with CCPA. |
Olive + Goose Services
As a leading Microsoft Gold partner, we can get you up to speed on the latest security and compliance technologies to help you get CCPA-compliant. These tools, coupled with the right processes and policies, can help you be prepared.
Olive + Goose offers the following services to assist you with your CCPA readiness:
- Free discussion to educate your organization about CCPA
- CCPA assessment to understand your exposure and business requirements
- CCPA Personal Data Discovery service to provide you with insight into how much of your data contains personally identifiable information (PII), or sensitive personal information that might be subject to the CCPA
Contact us to schedule an assessment and learn how we can help you meet your privacy and compliance obligations – before it’s too late.