CCPA Regulatory Compliance

What is CCPA?

CCPA – California Consumer Privacy Act was enacted in 2018 and is scheduled to become enforced beginning the earlier of: (1) July 1, 2020, or (2)six months after the California Attorney General’s Office releases guidance on the CCPA.  The intent of the bill is to enhance privacy rights and consumer protection for residents of California. It includes provisions related to data disclosure and removal.

Who is covered by CCPA?

The CCPA applies to for-profit entities that: (1) collect consumer personal data, (2) determine the purposes and means of processing the data, (3) do business in the State of California, and (4) pass certain economic thresholds.

What is CCPA's definition of personal information?

CCPA states that personal information includes anything that identifies, relates to, describes, is capable of being associated with, or could be reasonably linked, directly or indirectly, with a particular consumer or household.

What entities must comply?

CCPA applies to companies that are “organized or operated for the profit or financial benefit of shareholders or other holders.” As currently drafted, Nonprofits are not required to comply with the CCPA.

Does CCPA apply to ASU?

ASU is a non-profit educational institution therefore the Act does not cover ASU.