The state of California this summer passed the California Consumer Privacy Act (CCPA). This data privacy regulation is the first United States law that follows directly in the footsteps of GDPR. Businesses both inside and outside of California will be affected by its requirements.
The CCPA regulation extends privacy protections and rights to all California residents, which are defined as all natural persons “enjoying the benefit and protection of laws and government” of California who are in California “for other than a temporary or transitory purpose” or “domiciled” in California but “outside the State for a temporary or transitory purpose.”
If you sell your product or service (through any channel, including reseller or third party) anywhere in California, you are required to comply — there are a few exemptions for smaller business.
Bottom line: Whether CCPA applies to your firm or not, you MUST start preparing for stronger data privacy laws. The California Consumer Privacy Act (CCPA) and the General Data Protection Regulation (GDPR) may signal a coming global standard for data protection.
What are the next steps toward data compliance?
- Conduct a data audit to understand where in your organization personal data is held and who has access to it. You need to understand your data in order to properly protect it.
- A cyber-risk assessment will help identify gaps in your cybersecurity risk management program.
- Work toward a GDPR- and CCPA-compliant system with policies in place to keep it that way. Following these guidelines will help ensure your business is compliant as more data privacy regulations are put in place.
ACE IT Solutions offers a comprehensive suite of customizable cybersecurity services to meet your organization’s specific risk profile and compliance needs.
We continually invest in evolving our information protection program, developing our people, processes, technology and systems to create best-in-class risk management services. Protecting your information requires a strong defense on all fronts: from setting a dynamic cybersecurity strategy to developing and implementing comprehensive controls and information security services.
Our cybersecurity program is designed to ensure the security, integrity, and uninterrupted delivery of information so that we can support our clients’ growth objectives. Contact ACE IT Solutions at 646.558.5575 to set up a NIST-based cybersecurity assessment.