The New California Privacy Rights Act (the CPRA) is about to Enter into Effect. What is Essential to Know?
On January 1, 2023, the California Consumer Privacy Act will be officially replaced with the amended legislation, The California Privacy Rights Act (CPRA).
The new legislation brings different and new requirements to businesses in California including:
New rights for consumers (including the consumers' right-to-know provisions in the CCPA).
Additions of sensitive data categories (geopolitical location, e-mail content, government ID, and more).
Employees in California will have more increased rights, as well as for the data of B2B's personnel.
The definition of "businesses" expanded, now covered by the privacy act and includes those "sharing" information as liable as well.
The CPRA also expands the CCPA's right to opt-out.
The CPRA sets limitations on storage, data minimization, and contract requirements.
Under the New CPRA, the CPPA can investigate violations on its initiative and impose significant fines.
What are the recommended next steps for your business:
1. Update your website privacy policy document. Make sure the new consumer rights are updated in this document.
2. Expand existing policies and procedures regarding retaining personal information and handling CPRA rights requests.
3. Create employee privacy notices, and make sure every employee and/or job applicant is aware of their rights.
4. Draft internal organizational data protection policies, which will ensure reference to the elements of Privacy by Design.
5. Verify vendor management compliance, including implementation of data transfer agreements with them.
6. Make sure to update service providers' agreements.
7. Make sure to update policies regarding the organization's human resources, as well as policies towards the employees of the business.
8. Conduct an assessment of how employee (including applicants') and B2B personnel personal information is currently collected, used, and disclosed
You can easily schedule a video call or write Privacy Labs if you wish to consult.
Comments