CCPA enforcement starts July 1. Are your employee notices in order?

Ready or not, here it comes. This Wednesday, July 1, California will start enforcing its landmark privacy law -- and businesses face costly penalties and lawsuits if they're not ready. The California Consumer Privacy Act (CCPA) took effect January 1 but businesses had a six-month grace period to get their data handling practices up to code.

Unfortunately, those new requirements have been easy to overlook in the midst of a pandemic and ongoing quarantine measures. California's Attorney General has pledged to start enforcement this week regardless.

While the government is expected to focus its fire power on tech giants, companies of all sizes are still vulnerable to lawsuits and penalties. In fact, small and medium-sized businesses have borne the brunt of complying with CCPA. And our research indicates many employers have yet to comply with a CCPA requirement to send their California workers a privacy notice.

Until recently, U.S. companies had virtually no restrictions on what they do with employee data. Now they must inform California workers what data they're collecting and why -- and can be sued if that information is part of a data breach.