To kick things off for the blog in a brand new and exciting year, I will be tackling a hot topic for which I have been receiving a lot of questions lately – The California Consumer Privacy Act (CCPA). Incidentally, even though this law was signed in June last year by the California legislature, it doesn’t just affect businesses in California. It can impact you even if your business is outside of California.
On another note, The CCPA Act is seen as a trendsetter of sorts, close on the heels of the GDPR, so we can expect other states in the country to follow suit soon. The requirements for the Act will not come into effect until January 1, 2020, after the final list of regulations passes, which means we have some time on our hands, but not a lot! My advice to businesses is to speed up on the requirements and prepare for the changes. Below, I cover all the key things you need to know about the Act.
What is the California Consumer Privacy Act?
As described in an article by Proskauer, entitled The California Consumer Privacy Act of 2018, the Act defines consumers as natural persons who are residents of California and has “four fundamentals about their personal information:
- The right to know, through a general privacy policy and with more specifics available upon request, what personal information a business has collected about them, where it was sourced from, what it is being used for, whether it is being disclosed or sold, and to whom it is being disclosed or sold.
- The right to “opt out-outlawing a business to sell their personal information to third parties. Or, for consumers who are under 16 years old, the right not to have their personal information sold absent their (or their parent’s) opt-in.
- The right to have a business delete their personal information, with some exceptions.
- The right to receive equal service and pricing from a business, even if they exercise their privacy rights under the Act.”
Who Must Comply with the Act?
The Act applies to for-profit organizations that collect and process the personal information of California residents and engage in Business in the State of California. Businesses that don’t have an actual physical presence in the State but participate in sales activities inside California must also comply. Additionally, the companies must meet the following criteria to be part of the compliance net:
- Their annual gross revenues must be more than $25 million, or
- They must disclose or receive the personal information of 50,000 or more California households, residents, or devices annually, or
- They must obtain 50% or more of their annual revenues from selling California resident’s personal information.
The Act also affects corporate affiliates of these businesses that share their branding.
How Can Contact Centers Start to Prepare for the Act?
Here are some action steps I recommend businesses start taking straightaway in preparation for the Act’s implementation:
- Create a Data Management Plan – which includes reviewing the data you have on hand, your current data collection systems, and how you will manage personal information in the future. Privacy-proof your procedures, internal policies, and your third-party vendors to ensure compliance. Determine how you will handle access and deletion requests from consumers.
- Update Your Data Privacy Policy – It is a requirement under the Act to update the privacy policy on websites to display and describe consumers’ rights.
- Set Up Your Communication Channels – Prepare to respond appropriately to consumer requests and communicate how you conform to the requirements.
- Keep Track of Regulations – Stay tuned for further updates on the California Consumer Privacy Act’s website.
For more actionable tips, also check out my blog article on planning for a successful 2019 here.
Feel free to reach out to us at any time if you want more insights into how you can make your contact center California Privacy Law compliant. CHCG is an industry veteran in the BPO contact center space, and we can offer you unique, customized, customer-centric, and profit-driven solutions tailor-made for your Business.
