California Consumer Privacy Act (CCPA)
Is Your Company CCPA ready?
The CCPA, by far the most comprehensive privacy law in the country, is directed at companies that collect and/or sell personal information. The CCPA is designed to give California consumers more control over their own data, and encompasses data portability, data access, data transparency, data deletion, and objection rights.
Companies serving or employing California residents are likely to be most impacted by these five CCPA requirements:
Data inventory and mapping of in-scope personal data and instances of “selling” data
New individual rights to data access and erasure
New individual right to opt-out of data selling
Updating service-level agreements with third-party data processors
Remediation of information security gaps and system vulnerabilities
NMS Consulting’s Cybersecurity and Data Privacy team is well versed with CCPA solutions including data management, consent management, and data lineage.
The consequences of non-compliance may be steep – the Attorney General may seek fines of up to $7,500 per violation, and consumers may have a private right of action and be entitled to statutory damages for certain violations.
Many companies that need to abide by the CCPA are not in compliance.
Businesses should start taking steps now to ensure compliance and avoid costly data breach related litigation and damage to business reputation.
Act now to safeguard your business, contact us to get an initial CCPA Readiness Assessment.
To learn more about our related services, please visit our Cybersecurity & Data Privacy page.