The political world can be vast and confusing, especially when it comes to laws that can affect your business. Luckily, Elroi is here to help and keep you both up to date and compliant! While we do not yet have a national data privacy law in the United States, state policies, such as the California Consumer Privacy Act, can still have major impacts on how you conduct business.
Check out the information and tips below to make sure your business is up to date and compliant with the new laws in California.
The California Consumer Privacy Act (CCPA) was passed by the state of California in 2018 and went into effect on January 1st, 2020. This law gives Californian’s:
The California Consumer Privacy Act (CCPA) applies to all for-profit businesses that work with Californians and that meet one, or more, of the below qualifiers:
Yes! The CCPA effects any for-profit business that meets the criteria above.
“Personal Information” is defined broadly under the CCPA. The law’s technical definition is “information that identifies, relates to, describes, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household”. Some of the information is:
The CCPA excludes:
One of the easiest ways for your company to become compliant under the CCPA is by reaching out to Elroi. With expert data privacy knowledge, we can help your company become more compliant with data laws from California and European data protection laws too!
Make sure your company is in compliance by following our blog, our social media platforms, and by letting Elroi take care of all your privacy needs!
A Privacy Impact Assessment (PIA) is, simply put, a brief report on how your organization collects, uses, and stores what is commonly known as Personally Identifiable Information (PII). The PIA has become more prominent in recent years in the United States and in Europe, the General Data Protection Regulation (GDPR) imposes a requirement for companies to perform a similar assessment known as a Data Privacy Impact Assessment (DPIA).
The SHIELD Act requires any person or business owning or licensing computerized data that include the private information of a resident of New York (“covered business”) to implement and maintain reasonable safeguards to protect the security, confidentiality, and integrity of the private information. The SHIELD Act will have far-reaching effects, as any business that holds private information of a New York resident—regardless of whether the organization does business in New York—must comply with the new law.