{"id":4165,"date":"2019-09-04T19:06:00","date_gmt":"2019-09-04T19:06:00","guid":{"rendered":"https:\/\/www.backupsfdc.io\/?p=4165"},"modified":"2021-05-07T17:34:47","modified_gmt":"2021-05-07T17:34:47","slug":"with-the-california-consumer-privacy-act-looming-businesses-are-in-the-hot-seat","status":"publish","type":"post","link":"http:\/\/18.233.203.232\/with-the-california-consumer-privacy-act-looming-businesses-are-in-the-hot-seat\/","title":{"rendered":"With the California Consumer Privacy Act Looming Businesses Are in the Hot Seat"},"content":{"rendered":"\n
The General Data Protection Regulation, or GDPR, went into effect on May 18, 2018, effectively setting a tone for new regulations to protect consumer privacy. By one standard, GDPR was just in time. The Identity Theft Resource Center reported that exposed consumer data grew 126% in 2018<\/a>, to encompass 446.5 million \u201csensitive records.\u201d Business Insider ranked what it called the 21 \u201cscariest data breaches\u201d<\/a> of the year \u2013 with celebrated organizations such as British Airways, Orbitz, T-Mobile, Saks, Cathay Pacific Airways, Facebook and Google+ as their chief targets. <\/p>\n\n\n\n Meanwhile, the California Consumer Privacy Act (CCPA) is set to take effect January 1, 2020 \u2013 a crushing deadline for millions of businesses.<\/p>\n\n\n\n While data privacy regulations have focused on holding organizations accountable for breaches of their systems and the Personally Identifiable Information (PII) they hold, what has arguably received much less attention is the rights of consumers to enforce the privacy of their personal data under California Consumer Privacy Act.<\/p>\n\n\n\n A tenet of CCPA is that consumers<\/a> should feel free to exercise their rights to safeguard their personal data. What\u2019s more, consumers should demand that organizations will be transparent about the usage of their personal data: what information the organization collects, how it is being used, and who it is being shared with.<\/p>\n\n\n\n Now, with California Consumer Privacy Act less than three months away, consumers have time to learn their privacy rights under CCPA. But businesses are in the hot seat, scrambling to become compliant by January 1. A recent survey<\/a> of 250 privacy professionals at organizations with 500 or more employees revealed<\/a> that 86% of companies are not prepared for the advent of the CCPA.<\/p>\n\n\n\n Businesses that don\u2019t comply by January 1 may be subject to stiff penalties. California Consumer Privacy Act penalties (issued via civil cases from the attorney general) can reach up to $2,500 per unintentional violation and up to $7,500 per intentional violation. And yet, most organizations face the uphill battle of revamping a number of business practices, but also systems to implement the new rights of consumers.<\/p>\n\n\n\n If a regulation ever demonstrated the primacy of personal data and privacy, it\u2019s California Consumer Privacy Act. Not only that, but CCPA\u2019s definition of personal data is extensive and comprehensive. Personal data, as defined in Section 1798.140(o)(1) includes \u201cinformation that identifies, relates to, describes, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household.\u201d And CCPA is more stringent, saying<\/a> that \u201cCalifornians are not just protected in their roles as consumers, but also as employees, patients, tenants, students, parents, children, etc.\u201d <\/p>\n\n\n\n The act spells out consumer protections in detail: Consumers have the right to:<\/p>\n\n\n\n While the GDPR penalizes companies for non-compliance as well as data breaches, the CCPA prescribes fines for non-compliant businesses and make them liable to civil class action lawsuits and paying restitution to California residents in case of data theft or a security breach.<\/p>\n\n\n\n With the multiple risks of noncompliance in mind, it may be time to consider automating compliance processes. Platforms for automation can eliminate weeks or months of tedious, error-prone manual processes, and the documentation they produce provides proof of compliance to auditors. <\/p>\n\n\n\n And if you\u2019re feeling the urgency of achieving compliance by January 1, remember that your organization may be subject to two or more regulations. For example, organizations bound by GDPR and CCPR face the complexity of running two compliance programs in parallel. If you have a software platform on which you can run those consistently, you\u2019ve taken the first step towards becoming and staying compliant. <\/p>\n\n\n\n Read our first three blogs on Data Compliance<\/p>\n\n\n\n Need more information about how Odaseva can help you? Contact our Data Compliance experts: https:\/\/www.odaseva.com\/contact-us\/<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"The General Data Protection Regulation, or GDPR, went into effect on May 18, 2018, effectively setting a tone for new regulations to protect consumer privacy. By one standard, GDPR was just in time. The Identity Theft Resource Center reported that exposed consumer data grew 126% in 2018, to encompass 446.5 million \u201csensitive records.\u201d Business Insider ranked","protected":false},"author":7,"featured_media":3948,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[18],"tags":[],"yoast_head":"\n