5 Steps You Must Take to Prepare for the CCPA

Effective Jan. 1, 2020, the California Consumer Privacy Act creates new protections for the personal data of California residents and new requirements for the businesses that process it. With CCPA’s 12-month look back from the effective date, enforcement beginning July 2020, and a private right of action tied to data breaches, some critical action is needed now.

To help businesses operationalize CCPA’s requirements, we present here five concrete action items privacy professionals can tackle, as well as the considerations that underpin each step.

We discuss how to determine whether and how CCPA applies to your business, necessary updates to vendor contracts and privacy notices, areas of focus to enable consumer requests, and organizational training needs. In each regard, we outline core requirements and point to additional resources for a deeper dive.