IDC Names Securiti a Worldwide Leader in Data Privacy
ViewJanuary 2020 will usher in more than a New Year, it will also trigger the enactment of the California Consumer Privacy Act impacting about 500,000 organizations. As Patience Haggin outlines in her recent Wall Street Journal article, the CCPA “applies to any for-profit business that does business in California and collects data on California residents, as long as its annual revenue tops $25 million, or it holds personal information on at least 50,000 consumers, or it generates at least 50% of its annual revenue from selling user data.” This means that, whether or not you physically operate in the state of California, if your website serves the state’s residents, the new law applies to you as well.
The article, titled “Businesses Across the Board Scramble to Comply With California Data-Privacy Law,” comes as news to many. For us at securiti.ai, it’s further justification for the solution we provide, and the recognition is validating. Haggin explains how the CCPA will enable California residents to request retailers, restaurants, airlines, banks and many other companies to provide them with any personal information they may have, including individual contact information, purchases and loyalty-program history. Consumers are further empowered with the ability to request that businesses delete their data entirely, or opt out of letting them profit from it.
Haggin cites Gap Inc. as an example and includes quotes from Dan Koslofsky, associate general counsel for privacy and data security at Gap, discussing the massive undertaking that preparing for the CCPA presents to companies that haven’t previously been regulated -- i.e. anything other than healthcare or financial services.
According to the International Association of Privacy Professionals, there are over 500,000 U.S. businesses across across industries that will be required to comply when the CCPA takes effect. From food and beverage companies to retailers to health insurers, banks and airlines, there’s no industry that will go untouched by the new privacy laws.
As the amount of data we create has grown, no system to organize it has grown with it. Haggin writes, “few companies keep all their customer data in one place, and now many are scrambling to build tools to match up individuals’ data across disparate systems, such as directories, purchase histories and customer-service request logs.”
The upcoming change for businesses is significant, but not unprecedented. For instance, companies like Gap have already gone through similar compliance issues in Europe with the EU’s General Data Protection Regulation. The GDPR, which took effect last year, is similar in its scope of customer-data requirements.
According to a PricewaterhouseCoopers survey this past year, only 52% of businesses expect to be CCPA-compliant by January 2020. To illustrate the kinds of concerns businesses big and small are having, the WSJ quotes Jeff Savage, president of Sacramento’s minor league baseball River Cats, “I’m concerned about people falsely accusing us of having information on them when indeed we don’t. How do I prove to Joe Smith that I don’t have his info?”
The WSJ explains that businesses receiving data requests will be required to comply within 45 days or risk fines and litigation, and that “the law threatens steep damages in the event of a data breach—as high as $7,500 per affected person.”
Could the CCPA be a sign of things to come? The WSJ likens the law to another standard that began in California -- regulated auto emissions -- and many believe that the requirements of the CCPA may soon become the national standard. In other words, this is only the beginning for PrivacyOps.
Get all the latest information, law updates and more delivered to your inbox
July 23, 2023
The California Consumer Privacy Act was drafted to protect an individual’s personal data. This Act was designed to make organizations responsible custodians of the...
July 19, 2023
Many business owners, compliance professionals, and IT security staff have been scrambling to deal with the impact that GDPR had when it took effect...
July 18, 2023
In our previous blog post “How to Manage DSARs Under CCPA Efficiently and Effectively” we defined and discussed Data Subject Access Rights or DSARs...
At Securiti, our mission is to enable enterprises to safely harness the incredible power of data and the cloud by controlling the complex security, privacy and compliance risks.
Copyright © 2023 Securiti · Sitemap · XML Sitemap
[email protected]
300 Santana Row Suite 450. San Jose,
CA 95128