Are you in compliance?

Don't miss out! Sign up today for our weekly newsletters and stay abreast of important GRC-related information and news.

Following Privacy’s Yellow Brick Road with BDO: GDPR – CCPA

White Paper, March 22, 2019

Download now

By downloading this asset you consent to your details being shared with the sponsor, receiving communications from the sponsor and Compliance Week, and having a free Compliance Week account created for you.

May 2018, the month the GDPR went into effect, seems like a lifetime ago from a privacy perspective.  With new privacy regulations in the works, the California Consumer Privacy Act (CCPA), effective January 2020, stands out as the next big privacy regulation companies will need to grapple with.  If you are wondering if the CCPA applies to your organization, you are not alone. If your business operates in California and collects personal information (‘PI’) of California residents, their households, or electronic devices, the CCPA will likely apply to you if your organization:

  • Has an annual gross revenue exceeding $25 million;
  • Buys, receives, sells, or shares PI of 50,000 consumers, households or devices annually; or
  • Derives 50% or more of your annual revenues from selling consumers’ PI.

BDO’s quick reference timeline summarizes what you’ll need to tackle (and when), as you complete the first quarter of 2019, along with the steps needed to be in compliance with CCPA by 2020.