A year and a half after GDPR, California’s own data privacy act will soon go into effect, but many businesses are unprepared. How can they get there?

Guest Commentary, Guest Commentary

November 20, 2019

1 Min Read
Image: Duncanandison - stock.adobe.com

A year and a half ago, the General Data Protection Regulation (GDPR) — the world’s most far-reaching data privacy regulation — came into effect across the European Union. At the time, many affected companies both in and outside of the EU were caught unprepared, but the regulation did bring in changes in how data privacy was handled at many organizations and likely inspired future regulations.

Next up: the California Consumer Privacy Act. The final round of amendments for the CCPA finished in September, and the law takes effect on Jan. 1, 2020. When that happens, the same scenario that saw GDPR arrive with many organizations still unprepared looks likely to repeat itself. According to research from eMarketer done in July 2019, only 8% of U.S. businesses said they were prepared and only 34% said they expected they would be before the regulations came into effect.

The last round of changes to the law did give some reprieve to those who find themselves unprepared. The amendments to California’s data privacy act reduced the scope of the law, more concisely regulating consumer-facing activities, said Aaron Shum, practice lead in security, risk and compliance at Info-Tech Research Group.

Read the rest of Terri Coles' article on the CCPA on InformationWeek's affiliate site ITPro Today.


About the Author(s)

Guest Commentary

Guest Commentary

The InformationWeek community brings together IT practitioners and industry experts with IT advice, education, and opinions. We strive to highlight technology executives and subject matter experts and use their knowledge and experiences to help our audience of IT professionals in a meaningful way. We publish Guest Commentaries from IT practitioners, industry analysts, technology evangelists, and researchers in the field. We are focusing on four main topics: cloud computing; DevOps; data and analytics; and IT leadership and career development. We aim to offer objective, practical advice to our audience on those topics from people who have deep experience in these topics and know the ropes. Guest Commentaries must be vendor neutral. We don't publish articles that promote the writer's company or product.

Never Miss a Beat: Get a snapshot of the issues affecting the IT industry straight to your inbox.

You May Also Like


More Insights