May 2018, the month the GDPR went into effect, seems like a lifetime ago from a privacy perspective. With new privacy regulations in the works, the California Consumer Privacy Act (CCPA), effective January 2020, stands out as the next big privacy regulation companies will need to grapple with. If you are wondering if the CCPA applies to your organization, you are not alone. If your business operates in California and collects personal information (‘PI’) of California residents, their households, or electronic devices, the CCPA will likely apply to you if your organization:
- Has an annual gross revenue exceeding $25 million;
- Buys, receives, sells, or shares PI of 50,000 consumers, households or devices annually; or
- Derives 50% or more of your annual revenues from selling consumers’ PI.
BDO’s quick reference timeline summarizes what you’ll need to tackle (and when), as you complete the first quarter of 2019, along with the steps needed to be in compliance with CCPA by 2020.
- PDF, Size 0.1 mb