The California Consumer Privacy Act (CCPA) certainly is complicated. It’s why an entire panel discussion about it was conducted during this summer’s Automotive Intelligence Summit.
Furthermore, a recent PossibleNOW study showed 56% of U.S. businesses polled reported they do not expect to be fully prepared to meet CCPA requirements by the Jan. 1 date of enforcement.
When survey respondents were asked why their organization wouldn’t be compliant, the provider of enterprise consent, privacy, and preference management solutions found
• 35% said their primary reason is the cost of becoming compliant.
• 32% stated they were waiting to see how the CCPA will be enforced.
• 17% said they didn’t think their organization is large enough to face fines.
• 11% said the law is new to them and they are unsure of the requirements, and.
• 4% stated they didn’t think the law applies to them.
PossibleNOW indicated penalties for noncompliance are $2,500 per record for each unintentional violation and $7,500 per record for each intentional violation. So, a company that doesn’t honor or mismanages 1,000 consumer privacy requests could face a fine ranging from $2.5 million to $7.5 million.
While many factors come into play such as the size of a company and the scope of the project, PossibleNOW calculated the average cost for available compliance technology and implementation is typically less than one full time employee.
Businesses face unnecessary financial risks associated with fines by choosing to delay addressing their compliance gaps, according to Eric Tejeda, marketing director at PossibleNOW.
“Just as with GDPR, a significant number of businesses are caught between the cost and effort of complying with CCPA and the probability of enforcement actions against them,” Tejada said. “There are heightened concerns surrounding the CCPA specifically because of California’s strict approach to legislation across all facets of business within the state.
“Companies should actively seek the counsel of a privacy compliance organization as the deadline is quickly approaching. As time draws short, resources become more scarce and implementation becomes more costly,” Tejada went on to say.
A free resource readily available from Cherokee Media Group.
In a few special editions of the show, we’re sharing some of the panel discussions and keynote presentations from the recent Automotive Intelligence Summit in Raleigh, N.C. Next up is a panel discussion titled, "Data Privacy Meets Regulatory Oversight in Debt Collection."
Moderated by Rod Arends, vice president of Southeast Toyota Finance Service Center Operations, this panel includes:
— Rebecca Kuehn, Partner, & Chair of the Credit, Reporting, Privacy and Data Security Practice Group, Hudson Cook
— John Lewis, Founder/CEO, Intellaegis/masterQueue
— David Lincicum, General Attorney, Federal Trade Commission
— Mary Ross, Principal, MSR Strategies; Co-Author, California Consumer Privacy Act
The full discussion can be found below.