As enterprises around the world deal with legislative backlash following years of unfettered data collection, companies are confused about how to achieve compliance not only with the General Data Protection Regulation (GDPR), but also with California’s Consumer Privacy Act (CCPA). If you are one of them, rest assured that you are not alone in your confusion — and you’d better believe there’s more to come.
Several months after GDPR went into effect, 27 percent of companies reported that they had yet to start the GDPR compliance process, according to GDPR.Report. Still, the threat of additional regulations looms.
When the California legislation goes into effect on Jan. 1, 2020, more than 500,000 American businesses will be subject to the CCPA, according to a recent report from Varonis. In addition, 58 percent of companies have more than 100,000 folders open to everyone. Sensitive data is at risk, and in 15 months, companies will be required to allow consumers to review the data they have collected on them, demand deletion of data and opt out of having the data sold to third parties. Organizations face fines of $7,500 for violations.