April 18, 2019
Authored by: Sarah Bhagwandin, Steve Evans and David Zetoony
In the coming weeks we will be releasing a series of FAQs examining the California Consumer Privacy Act (“CCPA”) of particular importance to employers. These FAQs should help employers determine if they are required to comply with the CCPA and if so, what steps their HR professionals and IT departments should take to be in compliance.
By way of background, employers with operations in California should be aware of the CCPA, a new privacy law that applies to data collected about California-based employees. Because the CCPA refers to “consumers” many HR professionals don’t realize that the Act, as currently drafted, applies to data collected about California-based employees. Please see our recent blog post summarizing the CCPA for employers.
The CCPA will go into effect in early 2020, and employers who must comply should be addressing compliance obligations now. For U.S. employers who have not had to comply with the GDPR, the requirements of the CCPA for California-based employees will likely require a new analysis of the treatment of employee-data and updated or new data policies.
For employers with European operations, one key area of interest is the degree to which the CCPA aligns with the European General Data Protection Regulation (“GDPR”). Employers who are complying with the GDPR will likely already be familiar with many of the requirements of the CCPA – and with some assistance, should be able to bring their operations and policies into compliance with respect to California-based employees.
BCLP also offers a