Armanino Blog

No Delay on July 1 CCPA Enforcement

by Pippa Akem
April 03, 2020

While businesses and their employees adjust to stay-at-home orders, the latest from the California Department of Justice (DOJ) is that there’s no delay to California Consumer Privacy Act (CCPA) enforcement. The landmark CA privacy law became effective on January 1, 2020, and the CA DOJ expects to finalize the draft rules implementing the CCPA and keep to the enforcement start date of July 1, 2020. Various coalition groups impacted by the new law have made pleas for a delay in enforcement, and the DOJ has responded by announcing they have not considered delaying it.

The CCPA gives Californians specified rights over their personal information. These include the right to know and access what personal data a business has collected about a person, the right to be forgotten (i.e., request the deletion of your personal data, with certain exceptions) and the right to refuse (opt out) of the sale of your personal data.

If your business interacts with California consumers, it is critical that you ensure consumer-facing policies and systems are up to date and align internal processes (i.e., ensure processes support data access and portability and opting out of the sale of consumer data) and external processes (i.e., update service provider agreements, impose obligations on providers that support consumer requests and limit sharing with third parties) to requirements.

As the July deadline fast approaches, many businesses may be wondering how enforcement will unfold in light of employees having to work from home. Furthermore, considering that the draft regulations that aim to interpret the CCPA are not yet final, it is not completely illogical to have concerns over enforcement.

Still, the best advice is clearly to operate in a mode of great urgency. It is important for businesses to keep in mind that enforcement will retroactively consider their organization’s compliance as of the effective date of the new law, which was January 1. In theory, if you are a business subject to the CCPA, you should have met your compliance obligations by this date, at the latest.

The reality, of course, is that many businesses are still struggling to understand how the privacy law applies to their data operations. For businesses that have adapted their processes and systems to the new requirements, there are unresolved compliance questions on how adopted standards will play out against the final CCPA regulations. Overall, it is likely that many covered businesses have yet to fully comply.

Clearly, the current COVID-19 disruption does extend the time for businesses that have to comply with the CCPA to meet their obligations. There are many opinions out there on how the CA DOJ may react given a worsening public health crisis and the resource and time challenges posed by working from home.

The fact is that no one can predict what the Attorney General will do next. However, if you are a covered business, you should have implemented CCPA-aligned processes. If you are lagging behind, it is never too late to organize your compliance team and put everyone to task. And keep in mind that in times such as this, companies are vulnerable to increased cyberattacks and need to ensure their workforces are following best practices.

Your CCPA obligations have not ceased because of COVID-19, so ensure your team is still responding in a timely manner to all consumer requests. And if you are not fully compliant with CCPA, continue to work toward that goal as quickly as possible.

Need compliance help? Contact privacy expert Pippa Akem to learn more about our privacy services and solutions. For the latest updates and other information to help you keep your business running through disruption, visit our COVID 19 Resource Center.

April 03, 2020

Stay In Touch

Sign up to stay up-to-date with the latest accounting regulations, best practices, industry news and technology insights to run your business.

Related News & Insights
Armaninos 10th Anniversary Reception in Chicago
Live Event
Rooftop reception to celebrate Armanino’s 10th anniversary with the firm’s supporters and friends.

September 29, 2022 | 02:30 PM - 05:30 PM PT
Nonprofit Symposium 2021
Live and Virtual Event
Nonprofits - Get Back to [Focusing on] the Future

September 29, 2022 | 08:00 AM - 12:00 PM PT
Workday Adaptive Planning 2022 R2 Release
Learn about Workday’s newest features and enhancements.

August 30, 2022 | 10:00 AM - 11:00 AM PT