
CCPA Compliant for 2020?


The new year means new laws for your business with the implementation of CCPA just days away.

According to Law.com, businesses in California or doing business in California need to get ready. “With just days to go before the California Consumer Privacy Act (CCPA) compliance date, some companies may be scrambling to get their data collection and management processes in order.

“Others, however, might be taking a wait-and-see approach before fully investing into large-scale changes. Whatever an organization’s plan, there are certain things all covered entities should know about the far-reaching privacy law before January 2020.

“Reasonable” Security is Required

“The CCPA isn’t all about privacy. In fact, the regulation also mandates that covered entities maintain reasonable security procedures, something that does not get as much attention as the data handling requirements. ‘It certainly hasn’t been focused on and it ought to be,’ Mark Schreiber, partner at McDermott Will & Emery said.

“To be sure, exactly what constitutes ‘reasonable’ security isn’t clarified in the CCPA. Still, Schreiber said that there are hints in what the state expects given its past positions. ‘The California attorney general years ago in other pronouncements identified the 20 CIS [security] controls—which is this fairly intense and robust set of security standards—as being what California would look to. So that’s been out there for some years and those are fairly granular in terms of the different components that need to be in place.’”

A Security Awareness and Training Program is Required

Number 17 on the CIS list, in the section Organizational CIS Controls, requires your organization to roll out a Security Awareness Training Program. If you get hacked because a user falls for a social engineering attack and you suffer a data breach that has California-related records in there (and who hasn’t), you are in violation and can get fined.

Source: Law.com

Image Source: https://www.pexels.com/photo/photo-of-people-leaning-on-wooden-table-3183183/

© 2019 Darkhound Security. All Rights Reserved. Built and Managed by Lighthouse Graphics