CCPA , Governance & Risk Management , Privacy

Modified Draft CCPA Regulations: How They Impact Businesses

A Privacy Expert Sorts Through the Clarifications of Law's Requirements
Modified Draft CCPA Regulations: How They Impact Businesses

California Attorney General Xavier Becerra recently issued modified draft regulations to carry out the California Consumer Privacy Act that are designed to help businesses take a more pragmatic approach to privacy. The proposed regulations clarify, for example, that businesses are not obligated to search for personal information in response to a consumer's request if certain conditions are met, says Caitlin Fennessy, research director at the International Association of Privacy Professionals.

One of those conditions "is that the business does not maintain personal information in a searchable or reasonably accessible format," Fennessy explains in an interview with Information Security Media Group. (See: CCPA: Who in Healthcare Must Comply?)

"What the AG's office is trying to do here is take a pragmatic approach to consumer requests and requirements on businesses in this area so that the type of information that is maintained for legal purposes does not get captured when it's not easily searchable," she says.

Under CCPA, consumers have the right to request all the data a company has collected on them over the previous 12 months.

In this interview (see audio link below image), Fennessy also discusses:

  • How the proposed regulations would affect businesses;
  • How the attorney general is taking a more pragmatic approach in clarifying CCPA compliance requirements;
  • How the draft regulations clarify definitions of key terms, such as "household," used in CCPA.

Fennessy, research director IAPP, leads its privacy engineering initiative and serves as an in-house privacy expert. Previously, she was the privacy shield director at the U.S. International Trade Administration.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.