July 1 has come and gone, and the California Consumer Privacy Act (“CCPA”) is being enforced. Cases are already being filed against companies large and small. COVID-19 or not, California AG Xavier Becerra has declined to delay enforcement, saying “Businesses have had since January 1 to comply with the law, and we are committed to enforcing it starting July 1.”
If you haven’t completed (or…started?) your CCPA compliance, here are four things you can do right now to put your company in a better position:
- Prioritize CCPA compliance. The pandemic has not been kind to many businesses, and hardships can be seen everywhere, including the state of California. While that may make you want to start to play the world’s smallest violin, it does beg the question: how is California going to make up its revenue shortfall? Enforcing CCPA penalties is one way they can quickly amass a large amount of funds, and penalties add up quickly for non-compliant companies. Your customer-facing processes and notices should be in compliance with CCPA.
- Review how COVID-19 has changed your processes. Many companies are collecting new and different customer and employee information, or changing the way that information is collected, stored and transferred. Review these processes and make sure they’re in compliance with CCPA. Check in with your vendors to make sure they’re making the necessary CCPA adjustments as well.
- Respond to consumer rights requests. Do you have a way to handle data access requests? If your answer is “Yes, via email” then that’s better than “what’s a data request?”, but not by much. You should already have implemented a scalable response process to ensure that you provide adequate and timely responses to requests that your business is receiving to exercise right to know, right to delete, or “do not sell.”
The above isn’t all-inclusive, but it’s a start. To learn more about how Clym can help with your CCPA compliance, contact us today.