Get this resource now

First Name
Thank you!
Error - something went wrong!

California Privacy Act Vs. The General Data Protection Regulation

August 30, 2018 Kevin Kish

Organizations across the globe are making their way back to the ‘war room’ to analyze the applicability of one of the most comprehensive data privacy laws sweeping the US, the California Consumer Privacy Act of 2018 (“CCPA”) against their business processes.  The CCPA, approved on June 28, 2018, was designed to give consumers (i.e. Californians) control over the use, including the sale, of their personal information.  This law conceptually has similar characteristics to the European Union’s data protection regulation, including its ability to be enforced on a global scale.

While both privacy acts share a similar intent, the CCPA certainly has its own set of specific characteristics that sets it apart from its European counterpart, and although it appears that many of the general provisions appear to be borrowed from the GDPR and other global privacy practices, organizations will need to carefully evaluate the appropriateness of previously developed policies, procedures, or processes to meet California’s new privacy provisions.

In this article, we look at the new CCPA in comparison to the EU General Data Protection Regulation (GDPR).  The aim is to help identify certain similarities and differences between the two regulations to help organizations better strategize their effort in achieving compliance with both.

About the Author

Kevin Kish

Kevin Kish is a Director of Privacy Compliance at Schellman. With 10 years of industry experience, Kevin has a strong history of implementing, maintaining, and assessing global information security and privacy requirements, including ISO 27001, HITRUST, Privacy Shield, and the General Data Protection Regulation (GDPR). As an industry advocate, he is passionate about researching and writing on the concepts of adaptable data privacy and providing education to clients on the risks, challenges, and best practices around data privacy legislation. He holds several privacy certifications from the International Association of Privacy Professionals (IAPP), including CIPP/US, CIPP/E, and CIPM.

More Content by Kevin Kish
Previous Flipbook
SOC for Cybersecurity
SOC for Cybersecurity

Next Flipbook
GDPR FAQ’s for Hospitality
GDPR FAQ’s for Hospitality