Are you prepared to comply with the California Consumer Privacy Act? The CCPA effective date is January 1, 2020, which means your organization must be compliant before then to avoid massive fines and the potential loss of customer trust. The CCPA is one of the most notable data privacy laws in the United States following the GDPR in Europe, and this new law is setting a heightened standard for the protection of customers’ sensitive data.
In this blog, we’ll remind you of some important CCPA details, explain who this new law applies to, and share some best practices to help you ensure compliance before the CCPA effective date.
A refresher on CCPA law
The California Consumer Privacy act is a California state law that was formed to protect the data privacy rights of consumers who live in the state. The law places restrictions and guidelines on what businesses can do with personal information they collect from consumers. The CCPA allows consumers in California to acquire, restrict, and request deletion of any personal information that a business may have about them. CCPA law applies to data collected or used within the past 12 months of the CCPA effective date, so any data collected since January 1, 2019, must also be compliant.
The CCPA applies to businesses in California with revenue above $25M, or to businesses that sell customers’ personal information. There are no sanctions on penalties and fines for CCPA non-compliance. Because of this, the CCPA is considered to be one of the strictest data privacy laws within the United States.
Are you ready for the CCPA effective date?
Ideally, you’re already well into the process of overhauling your data privacy standards in order to comply with CCPA. If you’re still preparing or making last minute checks, make sure to ask yourself these questions:
- Are your online and internal privacy policies CCPA compliant?
- Have you properly trained your employees on data privacy requirements to minimize non-compliance risks?
- Are the vendors you rely on for business compliant with CCPA?
- Are you compliant with CCPA law for customer data access, deletion, and opt-out?
- Do you have a system in place for managing opt-out requests?
- Do you have a system that allows customers easy access to data access, change, and deletion, such as a toll-free phone number?
As you move forward into 2020 after the CCPA effective date, be sure to only use CCPA compliant vendors like FormAssembly when collecting personal information from California residents. This will further protect consumer data while simplifying the compliance process for your business.