The Keys to Addressing Your Governance and Compliance Needs in 2020andrea
When the California Consumer Privacy Act went into effect on January 1, 2020, it imposed sweeping new data security standards on American companies. The law essentially gives California residents the right to sue a company that exposes their personal data in a breach. Experts are urging any company with customers in California to start preparing now.
Those preparations include updating privacy notices, granting opt-in/opt-out requests, and deleting information as required. Beyond that, companies must do everything possible to avoid the kinds of data breaches that could trigger an avalanche of expensive litigation under the new law. Realistically, complying with the California Consumer Privacy Act, or CCPA, will require an entirely new approach to IT, data, and customer engagement.
The bad news is, compliance won’t be easy. If there is a silver lining, however, it’s that California’s laws are likely to become a model for the whole country. Consumers are clamoring for greater data protections, and additional local, state, and federal rules are almost definitely coming. Regardless of whether you’re subject to CCPA, focusing on governance and compliance now will give you a head start on an issue every company in the country will soon have to contend with.
The Long Road to Compliance
Protecting consumer data, especially to the extent required by regulators, is a bigger obligation than many expect. Today’s companies collect digital consumer data through at least a dozen channels: email, text, social media, chat, etc. While that data might seem like nothing more than casual conversations, it’s still full of sensitive information that must be protected.
Choosing not to save any of this data would relieve the regulatory burden, but it would also mean wasting a resource that’s full of valuable insights — not to mention cutting off communication channels that customers prefer. Digital data is obviously critical to the future of nearly all businesses, so there’s no option except to protect it as regulators require.
Digital Archives: The Cornerstone of Compliance
More than any other step, implementing a digital archive will help companies comply with CCPA without compromising the value of their data. Archives provide a secure, standardized environment for companies to pour all their data into. Not only is that data subject to uniform cybersecurity measures, but it’s also integrated and organized, making it significantly easier to manage. Having any kind of archive helps with compliance, but the ideal ones have these features:
- Automatic updating: Information is automatically fed into the archive so that it’s always complete and current without requiring a lot of input from staff members.
- Refined eDiscovery: Users can search for information within the archive to find broad swaths of information or very specific pieces of data.
- Information agnosticism: Any kind of information can go into the archive regardless of the file format, size, or source.
- Cloud orientation: Cloud archives provide scalable data storage capabilities as well as the ability to access data from anywhere at any time.
It’s hard to overstate the value of having a great archive in place, for compliance and other reasons. It’s also hard to overstate the importance of preparing for the California Consumer Privacy Act specifically and tougher data protection regulations generally. These laws will be disruptive for everyone, but they could be disastrous for companies caught off guard. If you don’t get started in 2020, it could be too late. Contact us to see how you can get started today!