The CCPA has been up and running for a couple of years now, with changes coming in 2023 with the amendments from the Consumer Privacy Rights Act (CPRA). While a federal law is always being teased and other states coming online in 2023, California remains the state privacy law by which to assess and manage compliance when processing personal data.
So, as you might imagine, loads of questions and anxiety over the country's most comprehensive state privacy regulation continue to keep us busy. This prompted us to provide a simple 3-step process to determine if the law applies to your business (now, in 2023, or beyond), what you need to do to meet the law's requirements, and how to begin considering a national approach to data privacy governance. While no summary can capture every aspect of developing a compliance plan, we hope the following resources are helpful in getting your arms around managing privacy and meeting the (applicable) requirements of the California laws.
- Step One: Does the CCPA Apply to My Business?
- Step Two: How does the CPRA Apply to My Business?
- Step Three: Meeting CCPA and CPRA Requirements.
Again, as always, seek qualified legal counsel whenever making determinations about your company's legal or compliance obligations. Taft's Privacy and Data Security Practice stands ready to assist you with a risk-based, common-sense approach to your data governance needs. Stay tuned to Privacy and Data Security Insights for more on California and all things privacy, and don't forget to download our free mobile app, to give you quick, real-time access to PDS content and updates.
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.