CCPA Compliance

There are Major Ramifications in Regulations That Impact How Businesses Operate.

The New California
Privacy Law

California has taken substantive action to protect consumer data within the state. Passed in 2018, the California Consumer Privacy Act (CCPA) came into force on January 1, 2020 and its chief objective is the regulation of standards surrounding consumer data, privacy guidelines, and new data rights.

Many businesses must be CCPA compliant, but the regulations do not apply to all. Given the comprehensive and complex nature of the CCPA, it is vital that businesses ensure they are knowledgeable on the compliance standards and take proactive steps to be compliant. Moreover, the CCPA can be changed by lawmakers in the future, making it an evolving set of standards. Contact us at CDG for more information on the CCPA and to receive expert security guidance.

Businesses That Must Be CCPA Compliant

A business does not need to be located in California for it to have a legal duty to be CCPA compliant. The CCPA deals with a legal entity who provides goods or services to California residents and, thereby, uses California consumer data. If a business meets one of the following criteria, it will be required to meet CCPA compliance; has an annual revenue of at least $25 million, gathers or accesses personal data of at least 50,000 California consumers, or earns half of its revenue from California consumer data.

However, a business need not be CCPA compliant if every aspect of its business transaction occurs outside of California, while the Californian is not located in the state, and the resident’s data is not collected.

What is Compliance?

Consumer data

Consumer data as described by the CCPA concerns personal information that could be used to identify a California resident. Such personal information includes names, addresses, products purchased, consuming history, and internet activity. In order to protect consumer data, businesses must meet the compliance standards. Some of the standards include latest consumer rights, such as persons having the ability to view and delete the consumer data a business may have collected.

Detailed compliance regulations

Detailed compliance regulations include, but are not limited to, updating company privacy policies, training employees on the proper use, procedures and handling of data, using secure data inventories that are frequently updated, accounting for new user rights and preparing for consumer data requests, and ensuring database administrators have the tools necessary for the secure tracking and storing of personal information.

Protected Clients

We protect our clients from cyber criminals, and we create robust security programs which can withstand current and future threats.

CCPA Violations

Violating CCPA regulations

Currently, the California Attorney General deals with CCPA enforcement, with enforcement mechanisms coming into effect on July 1, 2020. Consumers can sue a business if they believe the business violated CCPA regulations. A lawsuit can result in a business facing high penalties and civil damages. Furthermore, the Attorney General also has the authority to prosecute a business for a CCPA violation.

Cyber Defense Group

If you are interested in learning more about how we can help with CCPA Compliance, please call us or fill out the contact form provided. We look forward to helping you.

Contact CDG

We mobilize and launch a complete investigation of any suspected incident within 24 hours.

  • Determining the extent of a breach
  • Performing a full-scope response from Identification to Recovery
  • Incident Response retainer services, including IR preparation for your team

Incident Response

If you think you have been the victim of a cyber attack, contact us right now.

  • Determining the extent of a breach
  • Performing a full-scope response from Identification to Recovery
  • Incident Response retainer services, including IR preparation for your team