The California Consumer Privacy Act (CCPA) goes into effect on January 1, 2020. Its primary function
is to enhance privacy rights and consumer protections for California residents. The CCPA regulates what businesses can and cannot do with personal information they collect. Its considered a landmark legislation on data protection because of its strict guidelines.
In part, the bill grants a consumer the right to request a business to disclose the categories and specific pieces of personal information that it collects about the consumer. The bill is also designed to require a business to make disclosures about the information and the purposes for which it’s used. Further, citizens have the right to request their data be deleted.
Intentional non-compliance of CCPA regulations results in a maximum fine of $7,500 USD per violation. The legislation also establishes the right of consumers to take private action against erring covered businesses. This means that any California resident whose personal information was accessed illegally, stolen, or disclosed as a result of substandard security measures can file a civil suit.
Statutory damages for such civil cases have a minimum of $100, and a ceiling of $750 per consumer per incident, plus any other declaratory, injunctive, and other relief the court deems proper. At first glance, the numbers may seem small, but consider that most breaches involve hundreds of thousands of records. If the cost of each record involved in a breach equals $750, organizations could be looking at expensive lawsuits.
This white paper provides insight on the new CCPA and how the Spirion data discovery, classification, and protection platform delivers critical functionality that helps organizations meet full compliance.
To read the full whitepaper, please fill in the form below
PrivSec Conferences will bring together leading speakers and experts from privacy and security to deliver compelling content via solo presentations, panel discussions, debates, roundtables and workshops.
For more information on upcoming events, visit the website.
We have been awarded the number 1 GDPR Blog in 2019 by Feedspot.
Privacy Culture: Data Privacy and Information Security Consulting, Culture & Behaviour, Training, and GDPR maturity, covered. https://www.privacyculture.com/