Data fuels our modern world. It is no wonder that we see a never-ending increase in data breaches. For example, take Facebook’s breach of 2018 that affected about 50 million accounts. About a year later, the social media giant was back in the news. This time with over 540 million breaches.
Social media is not the only industry that suffers from data exploitation. Hackers gained access to the data belonging to Capital One. This breach affected about 106 million customers across Canada and the United States. In a separate incident, Equifax also fell victim. This breach that compromised the personal information of 147 million Americans.
The effect that these breaches impose on the consumer is mounting. A recent study by the Pew Research Center concluded that nearly half (49%) of the population had lost trust in data security systems. This demographic believes that their personal information is less secure today than it was five years ago.
As companies take measures to protect the consumer, many states are taking a look into organizations’ privacy laws. The California Consumer Privacy Act (CCPA) is the most comprehensive law to date. The act took effect on January 1, 2020. As we await enforcement on July 1, 2020, are you prepared?
What does the CCPA Privacy Law Mean for Non-California Businesses?
The CCPA privacy act will address different issues. The act gives the consumer more control over their personal data. The effects of this law will reach far beyond the borders of Golden State.
If your for-profit SMB resides outside California, you may be on the hook to comply. As long as you do business or have customers in California, you must conform to CCPA privacy regulations.
If your company meets any of the following criteria, you must conform to the regulations:
- Over $25 million in gross revenue
- Your company sells, receives, or shares the personal information of more than 50,000 individuals.
- Your organization earns 50% or more of its annual revenue on selling consumers’ personal information.
For companies that do not meet the criteria, maybe it’s time to work towards compliance. Many states are using the CCPA privacy act as a template to draw up their own laws. It’s only a matter of time before privacy laws get to your business.
Giving The Consumer Power Over Data
The CCPA privacy act will empower the consumer to monitor and protect personal data. We can categorize consumer data into five high-level categories:
- Businesses must inform the consumers of the intent to collect personal information.
- The consumer reserves the right to know the specifics of data collection and use. What data do you collect, for what purpose, and to whom do you share.
- The consumer has the right to prevent the organization from selling personal data to a third party.
- The act prohibits businesses from charging different prices or denying services to consumers.
- The consumer can request a business to remove his or her personal data.
Businesses need to take a hard look at personal data-governance. It is time for your business to evaluate its data security capacity.
Working Towards Compliance
Many businesses are slow to comply with CCPA regulations. Have you started your journey towards compliance? The steps below can ease your burden.
Step 1: Evaluate your current data capabilities. Does your organization have a system of identifying and classifying personal data?
Step 2: Take a look at your organization’s data governance capacity.
Step 3: Formulate a strategy to monetize data. Workaround the CCPA privacy regulations to ensure your strategy complies.
Step 4: Take stock of the company’s privacy controls. Keep an eye out for loopholes in CCPA requirements. Prioritize the technologies and processes that need updating.
Step 5: Be proactive in setting up a CCPA management program. Have an office that will handle all things around CCPA compliance.
Step 6: Implement some regulation monitoring procedures. Such drills will ensure that your business stays compliant in the long haul.
Your Business Can Benefit From Compliance
Consumers will want to work with companies that protect their personal information. As a compliant company, you can market your adherence. This strategy will win over new clients and boost your sales. You will also inspire loyalty in your existing customers.
InfoSecEnforcer offers your business software for CCPA compliance. With our technology, you can avoid penalties and consumer action under the CCPA act.
InfoSecEnforcer’s CCPA compliance automation software has the following capabilities:
- Automate and manage your consumers’ privacy requests
- Speed up data discovery and lookups
- Prevent data breaches.
Contact us to discuss your options. We will guide you on your journey towards CCPA compliance.