Under the California Privacy Rights Act of 2020, employees are empowered to know what personal information is being collected, access the personal information held by the business, request that a business delete any personal information about the employee that the business has collected from the employee, and more.
The California Privacy Rights Act of 2020 (CPRA) is a significant consumer privacy law that applies comprehensive data protection to human resources data. This includes the individually identifiable information of job applicants, employees, independent contractors, dependents, and other HR data of California residents. The legislation regards these employees as “consumers,” granting them specific rights.
The law applies to for-profit companies that:
Under the CPRA, by January 1, 2023, employers must have implemented procedures that allow this class of consumer control over their personal information. This control includes methods that are easily accessible to consumers, allowing them to:
Importantly, the CPRA limits the use of sensitive personal information to the use which is necessary to perform the services or provide the goods reasonably expected by an average consumer who requests those goods or services.
An employer must implement procedures that notify employees of their rights. Employers are also required to implement procedures through which:
The CPRA empowers employees to:
If they haven’t already, employers need to start the compliance process by implementing policies, procedures, and other compliance measures that satisfy the CPRA requirements.
To cost-effectively ensure you are complying with privacy regulations, you need to track employee requests to opt-out, review, access, delete, and obtain their data. Without an accurate system for tracking the status of each request, you risk costly penalties and reputational damage.
To strengthen and enhance CPRA compliance, PrivacyCare offers a system that features:
For help with your employee data privacy compliance challenges, get started here.
PrivacyCare CEO and Co-Founder Brad Garsten joins Microsoft, Squire Patton Boggs and moderated by IAPP - International Association of Privacy Professionals, to discuss the business, legal, and technical implications of the new state privacy laws and how they will impact your business.
January 20, 2023
To ensure that you are complying with data privacy laws like GDPR and CPRA, business owners have to manage and track consumers’ requests to opt out, review, access, delete and obtain their data. Are you ready for these new consumer data privacy laws?
March 8, 2023
With limited budgets and resources available to implement all the necessary requirements, small and medium-sized businesses may be challenged to comply with consumer data privacy regulations. If you fail to comply with CPRA regulations, you may face expensive financial penalties and possible damage to your reputation.
December 17, 2022
Avoid costly fines, protect your customers personal data and protect your brand value by building customer trust. Jumpstart your consumer data privacy program and get started for free today.Get Started
No credit-card required