For more information on how our Briskinfosec penetration testing services can help to safeguard your organisation, call us now on +91 860 863 4123 or request a call back using the form below.
CCPA stands for the California Consumer Privacy Act of 2018. It is the most recent personal data protection law passed by the State of California, aimed at protecting the right to privacy of its residents and enacted as a response to the increased role of personal data in contemporary business practices and the personal privacy implications surrounding the collection, use, and protection of personal information.
The CCPA will apply to for-profit businesses that collect and control California residents' personal information, do business in the state of California, and meet at least one of the following thresholds:
Companies already following GDPR guidelines will have a bit of a leg up in becoming CCPA-compliant, since the two privacy measures overlap in certain areas. But meeting all the requirements of the new CCPA standards will still take diligence, even for those already compliant in other areas, and any gaps carry new consequences.
For businesses that must adhere to CCPA law, compliance breaks down into 5 main requirements:
As with any compliance enforcement, violating the CCPA comes with a price tag. Under Section 17206 of the California Business and Professions Code, penalties are $2,500 for an unintentional violation and $7,500 for intentional violations. The new privacy law will allow individuals to recover between $100 and $750 per incident, or greater if there’s solid evidence that damages exceed $750.
Does Your Business Have to Comply with CCPA?
Any for-profit organization doing business in California that collects consumers’ personal data and meets the following qualifiers must comply with CCPA:
While the current compliance requirements are limited to California, this new privacy law could signal the beginning of a nationwide change, similar to GDPR regulations in Europe.
Briskinfosec, a global information/cyber security company and a CERT-IN empanelled organization, will assist you with CCPA compliance requirements, helping you protect personal data and honor consumers’ rights as per California privacy law.
The Briskinfosec team will identify any potential gaps between your practices and CCPA requirements, advise on corrective actions to take in order to be prepared for a CCPA audit, and provide support in the future.
The Briskinfosec team is knowledgeable and experienced in providing compliance audit, assessment and implementation services that help organizations meet their regulatory compliance requirements, such as PCI DSS, HIPAA, EI3PA, NERC-CIP, NFA, FINRA and GDPR.
We are honoured as one among the top 20 most promising information security solution providers by the CIO review.
We reported 8000 vulnerabilities within 4 hours and have registered our name in the “India Book of Records”.
Briskinfosec’s cyber security initiatives are affiliated with the National Cyber Defence Research Centre (NCDRC).
Potentially — the CCPA (California Consumer Privacy Act) has already been amended since it was passed, and the Office of the California Attorney General is expected to issue implementing regulations this fall. Additionally, a dozen bills that would amend the CCPA recently passed through the California State Assembly. Next, these bills will be reviewed by the California State Senate. So, odds are good that more changes are to come.
Any amendments the Senate reviews and passes will go to the California Governor’s office where they’ll either be signed into law or vetoed.
The CCPA applies to for-profit businesses operating in California that collect personal information of California consumers for which any of the following are true:
The CCPA provides the following rights to consumers:
The CCPA could be preempted by a federal law. It does not apply to the following information:
Some of the proposed amendments, if passed, would also create additional exceptions and exemptions for businesses. Some of these include:
No. While efforts made to comply with the GDPR may also be leveraged for compliance with the CCPA, the CCPA is not interchangeable with the EU’s data protection regulation. There are differences between the two pieces of legislation, and compliance with one does not equate to compliance with the other.
While we await additional clarification from the Office of the California Attorney General, we recommend focusing efforts around the following proactive measures:
If a company intentionally violates the CCPA, they will be subject to the maximum civil penalty: $7,500 per violation, per individual. Otherwise, the max penalty is $2,500 per violation, per individual. Additionally, the CCPA entitles consumers to $100-$750 compensation per incident or actual damages, whichever is greater, if a company did not take reasonable security measures in the event of a breach.
You will need to review your service agreements with data providers and ensure that they are CCPA compliant. You should ask for evidence (such as screenshots and URLs) from your source providers during the privacy review process to ensure that they collect, process, and share personal data in a compliant manner.
While the CCPA will be one of the most comprehensive state privacy laws, approximately ten other states, including Hawaii, Maryland, New York, and Washington, among others, are currently proposing laws similar to the CCPA with one recently passing in Maine. Even so, many are similar to the CCPA, and brands and publishers should consider prioritizing compliance with the original due to its outsize footprint with regard to population size.
If each state law passes, marketers will need to maintain compliance in every jurisdiction in which they operate. The fact remains that as additional states create their own privacy laws, compliance becomes increasingly difficult, reiterating the need for federally pre-emptive legislation.