- Marriott International HackedPosted 10 hours ago
- California To T-Mobile, Sprint: Not So Fast!Posted 10 hours ago
- Recent IP Law HighlightsPosted 1 day ago
- Supreme Court Will Soon Decide If 27,000 Health Workers Should Be DeportedPosted 1 day ago
- They All Won Academy AwardsPosted 4 days ago
- Dissecting Supreme Court Opinions to See How They are ReachedPosted 5 days ago
Four Questions to Answer About New Privacy Regulations
Executive Summary of an article written by
Rebecca Perry, Jordan Lawrence, an Exterro Company
The United States is introducing new privacy laws that apply to businesses that collect and store consumer and employees’ personal data. The California Consumer Privacy Act, set to go into effect on January 1, 2020, essentially creates new consumer rights, and therefore new obligations for businesses.
There are four important questions that in-house counsel can ask to help determine their readiness for complying with the CCPA and other pending privacy regulations.
Do we really know our data? Effective and defensible compliance begins with a data inventory — developing it if you don’t have one, organizing it if you do. How you develop your data inventory will directly impact your ability to meet your obligations, demonstrate diligence with regulators and defend your compliance efforts against plaintiffs’ attorneys.
Can we respond to data subject access request? Under the CCPA, companies have 45 days to respond to fulfill and manage a DSAR. Nearly 60 percent of data breaches are caused by third parties. Many companies don’t have a handle on who their vendors are and what data they own. Part of your data inventory should include an understanding of who those third parties are, and to what company data they have access.
Are we keeping data longer than necessary? Personal data you don’t have cannot be breached. A clear way to mitigate a lot of organizational risk is to get rid of data that has met your business, legal and regulatory obligations.Read the full article at:
Today's General Counsel