Who is impacted?
The California Consumer Privacy Act (CCPA) went into effect on January 1, 2020 and applies to any organization collecting personal data of California consumers.
Fines are issued by the California Attorney General and can be massive ($7,500/per breached record).  For example, under CCPA if an organization experiences a breach or violation and 10,000 consumers are affected, the fine would be $75,000,000! CCPA goes a step further when it comes to legal liability: individuals have legal standing and the right to bring civil action against organizations that do not comply with CCPA requirements.
Key Takeaways
Similar to GDPR, the
CCPA privacy law requires organizations maintain control of data and to implement security procedures
. A compliant, recognized Cyber Security Framework and data destruction process must be in place and organizations must track all data under its control.
White Paper | May 2020 QUICK LINKS: