Firms Must Prepare For CCPA Compliance

Firms Must Prepare For CCPA Compliance

August 13, 2019 Off By administrator

The California Consumer Privacy Act (CCPA), which goes into effect January 1, 2020, signals a major shift in the way that the United States and allied economic powers treat consumer data protection and privacy. For many years, the government’s primary focus was protecting data and shoring up authorization practices. This led to multiple innovations in the way of technology and tactics to optimize data access and control. However, it meant that until recently, the government was focused on ensuring authorized access, but was less concerned with regulating usage after authorized access.

geralt / Pixabay

With CCPA, the United States is aligning more closely with a growing global trend towards better governing the use of data and providing consumers with the ability to determine and direct the use of their data. Coupled with increased regulatory sensitivity toward consumer data, shifting consumer expectations should serve as an early indicator for financial institutions that hardening perimeters and deploying rigorous access control is no longer going to suffice – data element level management and governance is necessary to enable appropriate usage.

Get The Full Series in PDF

Get the entire 10-part series on Charlie Munger in PDF. Save it to your desktop, read it on your tablet, or email to your colleagues.

Q2 hedge fund letters, conference, scoops etc

Global Shift Toward Governing Data Usage

Governments and regulatory bodies around the world have begun to make strides toward regulating appropriate usage of data to add to existing regulations around safeguarding data. The most restrictive current law in existence is the EU’s General Data Protection Regulation (GDPR), a regulation that strengthens and unifies privacy protection across the region and imposes fines upon an organization – up to 4% of the company’s annual global revenue – for breaches that occur.

The U.S. has a number of current and proposed laws that parallel this global trend, currently emerging on a state-by-state basis and applying only to companies that do business in that state and/or process data of state residents. At recent count, 14 states had some legislation underway on data protection and privacy, which broadly address four major themes:

  • Data Protection. Cover, at a minimum, direct information collected about consumers.
  • Transparency and the Right to Know. What information will be collected about consumers, where it is collected from, why it is being collected, and how will it be shared.
  • Consumer autonomy. Extend consumers’ autonomy over the use of their data.
  • Obligations for safeguarding consumer data, including cybersecurity risk management, breach reporting, multifactor authentication, and access limitations.

Eight Steps to CCPA Readiness

As the regulatory landscape shifts towards governing data usage, businesses should begin to integrate privacy into all facets of their business, from internal items like strategy,

(Excerpt) To read the full article , click here
Image credit: source