What the California Consumer Privacy Act (CCPA) & Similar Regulations Mean for You

Read this eBook for guidance on your journey toward more secure and resilient IBM i environments that enable compliance with government regulations.

California Consumer Privacy Act (CCPA)

The California Consumer Privacy Act, also known as CCPA, gives California residents numerous data privacy rights while penalizing organizations that are in violation. The law, which took effect on January 1, 2020, groups these rights into five general categories:

1. The right to know what information is being collected
2. The right to know how personal information is being used
3. The right to opt out of the sale of one’s personal information
4. The right to access a copy of one’s personal information
5. The right to not be discriminated against by organizations when one exercises one’s privacy rights.

In addition to the above, CCPA puts pressure on organizations to protect California residents from having their personal data exposed by a data breach.

Thousands of organizations worldwide are affected by CCPA. That’s because, regardless of whether or not the organization is located in California, the organization will be required to comply as long as it meets one or more of the following criteria:

• Annual revenue is greater than $25 million and the organization stores/processes data about California residents
• 50% of annual revenue comes from selling information about California residents
• Personal information is collected or purchased that affects 50,000 or more California residents