As of January 1, 2020, CCPA – the California Consumer Privacy Act – is here. Of course, CCPA compliance requires that companies that do business in California or with California residents, and meet other requirements, must meet certain data privacy requirements to protect new consumer rights. Namely, consumers have the right to see, delete, and download personal information stored about them, restrict the use of such information, and to seek remedies for data breaches.
The recent Microsoft data breach – which exposed 250 million records containing customer service and support logs and was reported on January 22 – couldn’t be timed better to serve as a warning for companies to pay attention to data privacy. Even well-funded companies with dedicated resources struggle to stop errors in data privacy protection.
CCPA Compliance Will Require Investment
The California Department of Justice (“DOJ”) is required to estimate the compliance cost of its proposed rules. The estimates include an initial investment of $55 billion, spread across 15,000 to 400,000 businesses, with as many a 50% being small businesses. In addition, a new ballot initiative, the California Privacy Rights and Enforcement Act (“CPREA”) looks to extend CCPA’s data privacy protections. Furthermore, it’s expected that a number of state legislatures will follow California’s lead and “clone-and-revise” CCPA for their own states.
Data Privacy Can Be A Competitive Advantage
While the analysis of data privacy laws right now focuses on costs, companies that implement stringent data privacy protections may have a competitive advantage. According to Norman Guadagno, CMO of Acoustic, marketers “should be putting their own systems in place that are transparent and respectful of customer privacy”. Guadagno states that better data hygiene and higher-quality subscribers has driven up open and click-through rates for email marketing.
In addition, a CapGemini report from late last year found the that the European data privacy law GDPR has provided a competitive advantage. GDPR-compliant companies outperform peers in a range of metrics, from customer satisfaction to targeted marketing leads to revenue. According to the report, “92% of executives from compliant firms say their organization has gained a competitive advantage thanks to the GDPR.”
So, while data privacy laws increase concern for companies, those that have completed the work of GDPR compliance believe that the investment paid off. By extension, it’s reasonable to assume that CCPA compliance will give companies an edge as well. The CapGemini report also found that 70% of US companies believe they will be CCPA compliant when the law goes into effect, so it seems that once companies take the first step with more stringent data privacy protections, they are more prepared for future regulations.
Prepare Your Organization for New Data Privacy Regulations
Syntelli Solutions can help you meet new data privacy standards, avoid the costs of non-compliance, and outperform your peers. Contact us to find out how we can help.
“In early March, the Centers for Medicare and Medicaid Services (CMS) and the Office of the National Coordinator for Health Information Technology (ONC) released two sets of rules on information blocking. They made two dramatic changes: patients would be able to more...read more
Both the California Consumer Privacy Act (CCPA) and the EU’s General Data Protection Regulation (GDPR) aim to protect consumers’ privacy rights. Because both laws attempt to fundamentally change business practice to establish and protect new data privacy rights for...read more
As we begin 2020, the 5G rollout is well underway. Carriers are deploying 5G, or the fifth generation of mobile infrastructure, with significantly higher speeds and capabilities to enable the spread of IoT, which promises connectivity for billions of devices for...read more