What Is CCPA? Everything You Need to Know to Become Compliant

What Is CCPA? Everything You Need to Know to Become Compliant

The California Consumer Privacy Act is in effect as of January 1, 2020. So, what now? Here are the next steps and how this affects your marketing campaigns.

Explain Like I’m Five: GDPR Updates & CCPA

Are you still up to date on GDPR, almost a year after it took effect? Plus, a “mini GDPR” is right around the corner. The California Consumer Privacy Act (CCPA) will become effective on January 1, 2020. Are you prepared?

In this webinar, data privacy expert Jodi Daniels will explain the GDPR updates and CCPA requirements, and share what these mean for IT and security teams.

Click here to see how BetterCloud supports CCPA compliance: https://www.bettercloud.com/ccpa/

Questions for Jodi? You can reach her at [email protected] or visit https://redcloveradvisors.com/.

In this webinar, you’ll learn:

– Guidance on how to interpret GDPR now, a year later
– Requirements for CCPA compliance, and how you can start preparing today
– Common GDPR/CCPA compliance challenges your peers are facing

Jodi Daniels is a digital privacy expert with more than 20 years of experience in privacy, marketing, strategy, and finance roles. She is the founder of Red Clover Advisors, a data privacy consultancy that assists companies with GDPR and CCPA compliance, operationalizing privacy, digital governance, and online data strategy. Jodi has worked in multiple industries such as financial services, automotive, media, and retail for Cox Enterprises, The Home Depot, and Deloitte. She most recently served as the privacy partner for digital banking and digital marketing, financial center channel operations, ATMs, and military banking channels at Bank of America.

What is the CCPA? Where does it apply? How do I comply?


00:00 – Intro
00:12 – What is the CCPA’s 12-Month Look-Back Period?
00:50 – Who is Required to Comply with the CCPA?
01:55 – Where does the CCPA Apply?
02:10 – What are the Penalties for Not Complying with the CCPA?
02:48 – How can DPO Adviser help you achieve CCPA Compliance?

On January 1, 2020, companies must comply with California’s new landmark privacy law, the California Consumer Privacy Act, or CCPA as its widely known. Now, why is it important for us to talk about the CCPA today when it doesn’t come into effect until January 1 of 2020?

It’s important because the CCPA contains a 12-month lookback provision which requires businesses to respond to any consumer requests for personal information collected or sold within the past 12 months preceding the consumer’s verifiable request. As a result, companies must maintain accurate records of a consumer’s personal information from January 1, 2019, onward.

Who is required to comply with the CCPA? The CCPA applies to for-profit businesses that do business in California, collect or receive personal information from CA residents, and meet one or more of the following categories:

The first category applies to companies with annual gross revenue of over 25 million dollars. Category two covers companies that annually buy, sell, receive, or share for a commercial purpose the personal information of 50,000 or more consumers, households, or devices, or The third category includes any company that derives 50% or more of its annual revenues from selling consumers’ personal information.

Category two is likely to capture any company that conducts business online or through a mobile application. Take, for example, a company that runs an online blog that receives an average of 150 visitors per day. Over the course of one year, that will add up to more than 50,000 people. If the company’s blog is collecting visitor’s personal information, such as collecting individuals IP addresses or browsing history through the use of cookies, then that company will fall within the scope of the CCPA.

Where does the CCPA apply? The CCPA can be enforced against any organization, anywhere. The act does not require organizations to have a physical presence in California. It merely requires that companies do business in the state and meet one of the three threshold requirements.

What are the Penalties for not complying with the CCPA? The CCPA creates enormous liability for companies that fail to comply. The CCPA allows for fines of up to $2,500 per violation or $7,500 per intentional violation, and the CCPA does not place a cap on the total amount of fines.

To put this in perspective, a CCPA violation affecting 10,000 California consumers can result in a penalty of $25 million for an unintentional violation and up to $75 million for an intentional one. Further, according to a study conducted by IBM, you are more likely to suffer a data breach of at least 10,000 records than you are to catch the flu this winter.

How can DPO Adviser help you achieve CCPA Compliance? At DPO Adviser, we provide comprehensive CCPA compliance solutions and simplify the processes for responding to individual rights requests for personal information. We work to understand client products and services and develop a compliance strategy that decreases risk around personal data and improves that data’s value by making it more transparent, which enables clients to make more effective business decisions. With the 2020 deadline looming, and customer attention to privacy growing, now is the time to get started on a robust CCPA-compliant privacy program. Contact us today to learn more about how we can help your organization achieve CCPA compliance.

The CCPA Is Here: What’s Changed and What You Need to Know for Compliance

Kevin Kiley, Vice President, OneTrust Vendorpedia

Natasha Amlani, Associate, Perkins Coie LLP
Rebecca Beard, Global Senior Privacy Manager, Dropbox

While California’s Consumer Privacy Act became law on Jan. 1 2020, many key amendments only just passed—meaning security and privacy pros may still be scrambling to build CCPA-compliant programs. This session will bring together the top CCPA experts to detail the latest on the law, including key amendments, share case studies and research on CCPA preparedness, and give a roadmap for compliance.Pre-Requisites: Attendees should have an intermediate understanding of the privacy landscape today and it’s impact on day-to-day business operations.

11 CCPA Compliance Steps that You Should Take (5 Minutes)

The California Consumer Privacy Act (CCPA) is a privacy law similar to GDPR that went into effect on January 1st, 2020. It afforded California residents the right to opt-out of the selling of their personal data and to know exactly what is collected about them. This privacy law will have ripples throughout the IT community as it will require organizations to track what data they collect and be ready to delete it upon consumer request.

CyberX CCPA 11-Step Guide
(Check out our Data Mapping Tool on the Page)

If you need help with the cybersecurity of your organization, reach out to us at https://cyberx.tech/contact/