CCPA (California Consumer Privacy Act) is applicable from 1 January 2020. CCPA applies to businesses who process personal information of residents of California . Any person, business, or service provider that violates the CCPA will be liable for a civil penalty of not more than $2,500 for each violation or $7,500 for each intentional violation.
This means if you are dealing with business in California or process personal information of citizens of California you need to change the way you process personal information. CCPA is not only about security of data but require major changes in organization controls as well. There are some mandatory policies and procedures which should be in place and organization must produce strong demonstrable evidences to prove CCPA compliance is in place.What is required?
All public platforms , portals , products , require restructuring at program and database level. New procedures are required at organization level to address requests from data subject. Legal basis needs to be established for processing personal information. Law require processing of personal information as per requirement of law. Law require employees to be trained on CCPA and organization must conduct regular self audit to prove CCPA compliance is in place.Who is affected?
Irrespective of nature of business if you are dealing with California data subject personal information you need to comply with CCPA. If you are processing on behalf of your client there will be serious business discontinuity issues as your clients will require their processors to be compliant with law and process personal information as per law.
To know more about how we can help achieving CCPA compliance feel free to contact us