5 Steps You Must Take to Prepare for the CCPA
This white paper outlines core requirements of CCPA compliance and provides additional deep dive resources.
Published: 19 Oct. 2019
Effective Jan. 1, 2020, the California Consumer Privacy Act creates new protections for the personal data of California residents and new requirements for the businesses that process it. With CCPA’s 12-month look back from the effective date, enforcement beginning July 2020, and a private right of action tied to data breaches, some critical action is needed now.
To help businesses operationalize CCPA’s requirements, we present here five concrete action items privacy professionals can tackle, as well as the considerations that underpin each step.
We discuss how to determine whether and how CCPA applies to your business, necessary updates to vendor contracts and privacy notices, areas of focus to enable consumer requests, and organizational training needs. In each regard, we outline core requirements and point to additional resources for a deeper dive.
This content is eligible for Continuing Professional Education credits. Please self-submit according to CPE policy guidelines.
5 Steps You Must Take to Prepare for the CCPA
This white paper outlines core requirements of CCPA compliance and provides additional deep dive resources.
Published: 19 Oct. 2019
Contributors:
Caitlin Fennessy
Vice President and Chief Knowledge Officer, IAPP
CIPP/US
Effective Jan. 1, 2020, the California Consumer Privacy Act creates new protections for the personal data of California residents and new requirements for the businesses that process it. With CCPA’s 12-month look back from the effective date, enforcement beginning July 2020, and a private right of action tied to data breaches, some critical action is needed now.
To help businesses operationalize CCPA’s requirements, we present here five concrete action items privacy professionals can tackle, as well as the considerations that underpin each step.
We discuss how to determine whether and how CCPA applies to your business, necessary updates to vendor contracts and privacy notices, areas of focus to enable consumer requests, and organizational training needs. In each regard, we outline core requirements and point to additional resources for a deeper dive.
This content is eligible for Continuing Professional Education credits. Please self-submit according to CPE policy guidelines.
Tags:
Related resources
US State Privacy Legislation Tracker
Organizational Digital Governance Report 2025
US State Comprehensive Privacy Laws Report
US Data Privacy Litigation
