CCPA: What you need to know

The California Consumer Privacy Act ( CCPA )

If you do business in California, have a website or product that services California residents, or plans to do business with anyone in California, let me be the first to welcome to the California Consumer Privacy Act, or as we like to call it, the true beginning of US GDPR-like implementations. You all knew it was coming, and if you didn’t… well, it came anyway. So let’s take a moment and dive into why we’re calling this “America’s GDPR”.

CCPA is broken down into 5 parts you should know about.

1. It requires Data Inventory and Mapping of personal data.

2. It gives new individual rights to data access and erasure.

3. It provides individuals the right to opt-out of data selling.

4. It requires updated 3rd party processing agreements.

5. It spells out requirements for information security remediations.

So much fun right? If you are already a GDPR compliant shop and you’d like to see a quick graphic of the mapping between GDPR and CCPA, our friends at PwC have made one for you (click here).

For everyone else, January 2020 is just around the corner and that doesn’t leave you much time to become compliant. While this isn’t the first time a state has contemplated broad comprehensive privacy reform, it is the first of its kind to be approved. And it won’t be the last.

For more information on EU Data Protection, CCPA or how CCPA may change your website, product, documentation, or process. Please contact us at info@theatomgroup.com for more information, or use the contact us form below.