When the General Data Protection Regulation (GDPR) was enacted more than a year ago, it was far reaching, and many organizations were caught off guard because they thought it didn’t apply to them. But in fact, it did. Now the California Consumer Privacy Act (CCPA) is about to go into effect (Jan. 1, 2020), and any enterprise that does business in the state of California will need to change the way they manage personal information.
California has the fifth largest economy in the world. In fact, it’s actually bigger than that of the United Kingdom. Why is this relevant? Well, given the size of California’s economy, this legislation will clearly have a considerable global impact. It will tip the scales on privacy around the world. To prepare for the CCPA and other future data security legislation, organizations must focus on identifying the types of personal information they have and evaluating the flow of that data coming in and going out of the organization. Getting a handle on the flow of your sensitive data is also a great early step toward avoiding a breach, regardless of the regulations you need to follow. More importantly, it is the foundation of a solid data privacy strategy, which should be the end goal for global enterprises.