The California Consumer Privacy Act (CCPA) comes into effect in 2020 and the exact language of this privacy bill will change but... the core concept won't change: offer customers access to, control over, and protection of personal data.
Compliance measures should be put in place now. Companies need to ensure that they obey CCPA when they collect, use, sell, and share consumer data. The consequences include stiff fines.
The severe penalties and financial harm that noncompliance of this bill result in apply to large businesses, but even small businesses should prepare for it (Note that CCPA does not apply to nonprofits). And while CCPA privacy rules do not apply to you small business and nonprofits yet, there is a good chance that similar rules will sometime soon.
There is the possibility that some requirements will nevertheless apply to a small business (e.g. if that company is considered a service provider by a larger business covered by the law). So even small businesses should determine if they have CCPA obligations directly or because they have contractual obligations flowing from a business.
Small businesses may not face the compliance burdens under CCPA but many small businesses must nevertheless be prepared to enhance their privacy protections as the law comes into effect at the beginning of next year. CCPA provides small businesses with an incentive thinking about how they process and protect customer personal data.
How to comply?
Start by asking:
Homepages must feature a conspicuous “Do Not Sell My Personal Information” link, making it clear to CA consumers they can ask companies to stop trading their personal data.
Summary of website changes to make for CCPA compliance:
Please contact Kahl Consultants soon if you would like additional assistance with CCPA compliance.