The current state of data privacy in California:
- Get ready for California Consumer Privacy Act (CCPA) compliance. On January 1, 2020, consumers will have the right to request personal information about them collected or sold by a business during the preceding 12 months.
- Ensure ongoing compliance with federal, state, or local laws governing data privacy. These laws are not impacted by the CCPA.
- Keep current with cyber-insurance coverage. Given the potentially devastating costs of a data breach, businesses must keep current with the rapidly evolving landscape of cyber-insurance coverage.
- Develop a data breach response plan and practice its implementation. An actual data breach should not be the first test of your response plan.
- Take a multi-jurisdictional approach to data privacy compliance. For example, compliance in California may not satisfy obligations under the EU’s General Data Protection Regulation (GDPR).