US businesses have an opportunity to “seize an opportunity” if they respond proactively to the The California Privacy Rights Act, according to a speaker at the Last Thursday in Privacy online event on 25 June.
Speaking at this month’s Last Thursday in Privacy event , OneTrust Privacy Engineer Ethan Sailers gave key insights into how a business can prepare for CPRA/CCPA 2.0 after it was announced that enough signatures were received to make it eligible for the ballot this year. If passed, it will become effective 1 January 2023.
The new Act intends to address specific elements of the CCPA that supporters feel come up short, according to Sailers. The key adjustments are new consumer rights, including the right to access, and a new category for sensitive personal information. This includes passport number, credit card information, location, health data and ethnic origin.
According to Sailers, businesses need to focus on two key areas: internal governance and consumer-facing processes. Insternally consider how you are going to track sensitive data, prepare inventories or data maps and ensure that your business model is adaptable and iterative.
Externally, ensure that processes meet regulation standards by updating the intake for additional request types. Importantly, companies already complying with CCPA can build on the foundations that have already been set.
Customers will also be provided with a link to opt-out of the sale of sensitive information to adtech.
Business should see the bigger picture, Mr Sailers said, and should “seize a global privacy program opportunity”.
Registration now OPEN for PrivSec Global
Taking place across four days from 30 Nov to 3 Dec, PrivSec Global, will be the largest data protection, privacy and security event of 2020.
Reserve your place before 2nd October, and receive VIP access to PrivSec Global which includes priority access to limited space sessions, workshops, networking opportunities and exclusive content.
We have been awarded the number 1 GDPR Blog in 2019 by Feedspot.