The California Consumer Privacy Act (CCPA) could set a new standard for privacy and data security in the US.

Privacy and data security standards in the United States may be fundamentally overhauled early next year with the introduction of the CCPA. Parallels have been drawn between the CCPA and GDPR, with the CCPA requiring data privacy protections similar to those imposed by the European Union.

The CCPA will allow all residents of California to know what personal information is being collected about them by for-profit companies operating in the state, whether it is sold, disclosed or simply held.

Whilst only applying to residents of California, the impact of the CCPA will be significant. Nearly 40 million people live in the state, and if it were a country, California would be the fifth largest economy in the world. With the risk of hefty penalties and civil action suits, the CCPA cannot be ignored.

The CCPA is not simply something companies need to be aware of, specific measures and action need to be taken when it comes into effect. For example, the CCPA requires companies to create a channel - such as a toll-free number - for consumers to request information regarding how their data is being used.

The CCPA, hot on the tail of GDPR, could mark the start of a bigger sea-change in data security. There may be more changes to come that impact companies as they strive to uphold new privacy and data security standards.

Despite financial fines for data breaches being less severe than GDPR’s penalties, the CCPA certainly puts companies’ data management practices under the spotlight.  

Schedule a demo to learn how Tessian can help you become CCPA compliant.