California Privacy Rights Act (CPRA)

Subscribe to California Privacy Rights Act (CPRA)
Health-law-Privacy

More than just New Year’s resolutions went into effect when the clock struck midnight on January 1, 2023. The California Privacy Rights Act (“CPRA”) and the Virginia Consumer Data Protection Act (“VCPDA”) are now effective in California and Virginia, respectively. These comprehensive data privacy laws, along with three other state laws going into effect this year, establish new and complex obligations for businesses. If your business has not taken steps to prepare for these privacy laws, it is high time to start that process to avoid violations and enforcement likely to follow later in the year. See below for a timeline of key dates.

Continue Reading 2023 New Year’s Resolution: Effectively Comply with New Comprehensive State Privacy Laws

Health-law-Privacy

The California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA) gives consumers increasingly more control over their personal information when collected by businesses subject to the law. We have previously discussed the compliance requirements of these data privacy laws on organizations doing business in California.[1] Significantly, CCPA/CPRA defines the term “consumer” to mean any California resident; which from a business perspective, such a broad definition encompasses not only the business’s individual customers, but also its employees, job-applicants or even business-to-business (B2B) contacts.  With the moratoriums currently in place for B2B and employee/applicant data sunsetting on January 1, 2023 and not likely to be extended, and the prospect for federal data privacy legislation with wide preemptive effect of state law looking less likely, businesses should be actively preparing to meet these expanded statutory obligations.

Continue Reading No More Exceptions: What to Do When the California Privacy Exemptions for Employee, Applicant and B2B Data Expire