What does the CCPA have to do with Policies & Procedures?

policies procedures CCPA

Compliance with CCPA is entwined with how you do business. Your business operations (the “how and what”) directly link to company policy, controls, processes: policies and procedures. You could say that the CCPA has everything to do with policies and procedures. Which is why you need to update yours – yesterday. Not convinced? Let’s go … Read more

The CCPA and the Iffy Territory of the “HIPAA exemption”

CCPA HIPAA exemption

A brief recap: The California Consumer Privacy Act (CCPA) aims to give California consumers greater control over their personal information by imposing certain obligations on entities covered by the law. The CCPA takes effect January 1, 2020. And as we said in an earlier blog article, you don’t have to be a California-based business to … Read more

Who needs to comply with the CCPA? Hint: Not only California.

CCPA Who Needs to Comply

The first thing to realize about California Consumer Privacy Act (CCPA) compliance is that you don’t have to be a California-based business to be affected. As of 2018, California was the world’s 5th largest economy. You’re better off to ask yourself what the chances that you’re not subject to the CCPA. US-based or global, you … Read more

Consumers in the Regulatory Driver’s Seat: Protecting Personal Data Privacy

protect personal data privacy

Consumers on the warpath to protect personal data privacy are making strides in state houses. For instance, here’s an update on Oregon’s Senate Bill 703 re selling health information. If you use Big Data at all, you’ve probably been following this Bill. It’s basically saying that anyone selling personal health information, although thoroughly de-identified, would … Read more

Data Privacy & Security: 2018 Reflections & the Year Ahead

2018 its a wrap data privacy

It’s been a tumultuous 2018 for data privacy and information security. New regulations here and abroad show that data privacy will continue to be a hot topic as we move into 2019. We’re seeing the OCR’s investigations and penalties aren’t limited to large entities or to large breaches. Expect that will continue. Over 60 organizations … Read more