CCPA Brings Data Management to the Forefront
While January 1, 2020 marks the start of a new year and a new decade, it’s also the dawn of a new era in the State of California. On that day, the California Consumer Privacy Act (the CCPA for short, also known as AB375) becomes law. Even if you don’t have a business in California, this sweeping legislation may still affect you.
The key to CCPA compliance lies in effective data governance and data management. Read on to learn more about the CCPA, how data management best practices help you to comply with the regulations, and what Precisely can do to help.
What is the CCPA?
The CCPA arose from three primary considerations: the rapid rise in the value of consumer data; concerns about the privacy of consumer data; and the significant increase in data breaches exposing consumer data to fraudulent and criminal use. Consumer information (particularly for B2C uses, but not excluding B2B) is incredibly valuable to help improve customer engagement, retention, and added revenue opportunities. Companies can learn so much from a customer’s purchase history, web browsing, and demographic and location information.
While some consumers appreciate the potential improvement in customer service and engagement, many consumers feel that organizations know too much about them. And when the organizations collecting that information sell the consumer’s data to other third-parties for monetary gain without the consumer’s knowledge, the privacy of individual consumers becomes compromised.
Further, because customer information is highly valuable, that makes it attractive to hackers and criminals. Each year, the number of breaches grows as well as identity theft. To protect its residents, California’s legislators introduced the CCPA.
The legislation does three things:
- Protects a consumer’s rights to tell a business how it can use or sell personal information
- Gives consumers control over personal information collected by companies
- Forces businesses to be responsible for safeguarding consumers’ personal information
You’re affected by the CCPA if:
- You collect the personally identifiable information of California residents, including individuals who reside in California households
- Your annual gross revenue is over $25 million
- You interact with the information of 50,000 or more California consumers, devices, or households
- You derive more than 50% of your annual revenue from selling such information
The penalties for noncompliance are high:
- Up to $750 per incident, per consumer, or actual damages – whichever is higher
- Intentional violations of privacy could be as much as $7,500 per each consumer
- A single incident involving 10,000 consumers could yield a $7.5 million penalty
Data Governance Strategies for Addressing California Consumer Privacy Act Requirements
The California Consumer Privacy Act (CCPA) introduces compliance challenges requiring new data governance strategies. Read this eBook now to learn why it’s crucial for organizations to adopt the solutions they need to find, connect, monitor and govern the many types of data that CCPA protects.
Why is the CCPA about data governance and data management?
Now that the CCPA’s origins, mandates, and penalties are a bit clearer, let’s talk about the role data governance and data management plays in compliance. At its core, the CCPA’s requirements are about access to data, transparency about data held, ensuring that customer requests are met (including requests to delete data), and the sale of consumer information.
When you put data governance and data management best practices in place, you can respond to these requirements. Data governance provides the framework including the policies and practices around the data in your organization. Data management is about how you collect, store, migrate, transform, analyze, and archive data. By extension, data management best practices ensure that you have organized, secure data that’s accessible when you need it.
How can Precisely help you stay compliant with CCPA and other data privacy regulations? Precisely Trillium for Data Governance delivers data profiling and data quality processes to find data at risk for CCPA compliance, and integrates those processes into your enterprise data governance and data management solutions. The result is information you can trust, as well as compliance with CCPA.
Are you covered for CCPA? To learn more, read our whitepaper: Data Governance Strategies for Addressing CCPA Requirements