California: CCPA Final Regulations Pending

APPLIES TO

All For-Profit Employers with CA Employees subject to the CCPA

EFFECTIVE

TBD

QUESTIONS?

Contact HR On-Call

(888) 378-2456

On July 1, 2020, the California Attorney General began enforcing the California Consumer Privacy Act (CCPA) which requires businesses to comply with certain privacy protections for consumers and employees who reside in California. However, California is still lacking guidance on compliance with the CCPA. On June 1, 2020, the California Attorney General released the final proposed regulations for the CCPA to the California Office of Administrative Law (OAL). OAL has up to 30 working days, plus an additional 60 calendar days under Executive Order N-40-20 related to the COVID-19 pandemic, to review the package for procedural compliance with the Administrative Procedure Act. Once approved by the OAL, the final regulation text will become enforceable.

Although not law yet, employers should be looking to the proposed final regulations for guidance on the CCPA. Specifically, they describe when and how employee notices must be provided, including for subsequent collections and additional purposes not previously disclosed.

There are also numerous requirements that businesses must follow for collecting, selling, and using personal information of consumers, such has having a privacy policy, right-to-opt-out notices, financial incentive notices, steps for responding to consumer requests, and relationships with service providers who have access to personal information.

Employers who are not currently in compliance with the CCPA are strongly urged to implement policies, procedures, and notices required by the CCPA as soon as possible. Individuals may sue employers for a data breach under the CCPA, and may recover between $100 and $750 per consumer per breach or actual damages, whichever is greater. The California Attorney General may also bring enforcement action against employers, including civil penalties of $2,500 per violation and $7,500 for “intentional” violations.

Action Items

  1. Review the final regulations here.
  2. Review CCPA notices for compliance.
  3. Implement or update privacy policies.
  4. Review vendor agreements and security of consumer personal information.
  5. Review procedures for handling consumer requests.
  6. Subscribers can call our HR On-Call Hotline at (888) 378-2456 for further assistance.

Disclaimer: This document is designed to provide general information and guidance concerning employment-related issues. It is presented with the understanding that ManagEase is not engaged in rendering any legal opinions. If a legal opinion is needed, please contact the services of your own legal adviser.

© 2020 ManagEase

0 replies

Leave a Reply

Want to join the discussion?
Feel free to contribute!

Leave a Reply

Your email address will not be published. Required fields are marked *