Over the past decade, organizations are getting familiar with the different new privacy laws being enforced by governments. In 2018, GDPR went into effect and we are seeing the huge impact this law has had on organizations when dealing with people’s personal data. Now, there’s another major regulation that just went into effect. On January 1, 2020, the California Consumer Privacy Act of 2018 (CCPA) went into effect and sets new requirements and rights relating to personal information of California consumers. This is the first state-level privacy law in the United States. Data-driven companies are quickly making the right adjustments with the new regulation into their system, similar to how they prepared for GDPR. Despite not knowing how much of an impact this new regulation will have on organizations, it’s always best to prepare and be compliant. In this blog post, we will explain what the CCPA is, how it will impact your business and any other lingering questions you may have about CCPA.
The CCPA was created in order to protect the privacy and personal data of consumers who live within the state of California. The CCPA grants people the right to know what information businesses are storing about them. The act additionally gives people the right to tell businesses they cannot use their personal information. Similar to GDPR, people may request that a business discloses the types of personal information it collects, the purpose of collecting that information, and who the information is being sold to. According to the regulation, people are allowed to request this data report twice a year, free of charge.
The California legislature approved the CCPA regulation after the mining of personal data was brought to light in 2018 with the famous data mining Cambridge Analytica scandal and how the congress hearing proved how vulnerable personal information can be misused. The state desired to create more laws that will implement better data privacy control and transparency. According to CNET, more states are considering similar laws and similar proposals are being presented at the federal level.
The CCPA regulation provides California residents with 4 basic rights with their personal information:
The CCPA regulation affects any organization that collects, shares, or sells California residents’ personal data and meets any of the following three criteria:
Your organization can implement different privacy steps to ensure consumers are able to exercise their rights under the CCPA. Here are the key steps to make:
Make sure your legal team reviews the entire CCPA initiative to identify all steps your business must implement to remain CCPA compliant. We highly recommend that you educate your entire staff on the main factors of CCPA compliance.
Although the law requirements are clear, CCPA does not provide a technical direction on how to meet these standards. Instead, organizations are required independently to create a plan to meet data security requirements. Admittingly, this sounds quite data-heavy, but each of these benchmarks can be easily met using a Zero Trust Network as a Service platform. A Zero Trust Network as a Service (ZTNA) uses pre-shared keys to identify, authenticate and authorize user access. Using a ZTNA which offers a centralized cloud management platform, an entity can create customized user access to sensitive data – including cloud environments, SaaS services, sandbox and production environments, and more. Additionally, any data which passes over any network is secured with advanced encryption. This creates a virtual tunnel so data can’t be intercepted by users who don’t have access. By offering network visibility and identifying risks and vulnerabilities to your systems and data, detailed activity reports provide insight into which resources are being accessed, what applications are being used, and how much bandwidth is being consumed.
At Perimeter 81, we are committed to protecting your company’s data and your customers’ data. In order to ensure complete CCPA compliance, we have:
To help you navigate the CCPA and secure your clients’ data, we provide:
With CCPA in effect, the way businesses handle Wi-Fi security will change drastically. At Perimeter 81, we have made this one of our key priorities. Our patented, Automatic Wi-Fi Security feature is a special built-in functionality to all of our applications that allows users to automatically deploy a VPN connection even if the device is locked and in your pocket. Once you install Perimeter 81’s client applications, you can rest assured that data passing over any network is secured with 256-bit bank-level encryption. Perimeter 81’s innovative Automatic Wi-Fi Security immediately shields data by automatically activating VPN protection when employees connect to unknown, untrusted networks. Those advanced features, that come out of the box, are the reasons why Perimeter 81 is considered to be one of the best OpenVPN replacement. If you have any more questions about CCPA, our Automatic Wi-Fi Security feature, or the steps we at Perimeter 81 have taken to protect your data, please don’t hesitate to contact us at [email protected].