On June 28, 2018, California enacted the sweeping Consumer Privacy Act, which takes effect on January 1, 2020, that contains similar provisions to the European Union’s General Data Protection Regulation (GDPR).
Businesses collecting personal information on California residents that fall into one of the following categories should begin planning now in order to be in compliance before the Act’s effective date:
Certain exceptions will apply to exclude otherwise qualifying businesses from California’s new law. Two major exceptions include businesses governed by HIPPA regulations or the Gramm-Leach-Bliley Act.
Businesses that find themselves under the jurisdiction of California’s new privacy law should be aware that consumers will be armed with several individual rights:
As many U.S. companies will be affected by this law, planning now and adjusting to the mandates is advised. Considering that some of the terms and certain provisions of the law need greater clarity, staying up to date on further interpretive guidance and possible amendments is important as well. Please contact Walt Green or Greg Reda if you have any additional questions regarding this amendment or cybersecurity.