On 1 January 2020, the California Consumer Privacy Act (CCPA) entered into application. A few weeks later, the new Brazilian Data Protection Law (LGPD) began to apply. Both new laws will provide for extensive consumer rights, including a right of access, data portability and deletion. Many impacted organizations have already started their preparations to comply with the law.
This is yet another big law to comply with, so shortly after the EU General Data Protection Regulation (GDPR) has entered into application. This may seem daunting to many, but it doesn’t need to be. If you have put in place the right accountability mechanisms or even better, a more comprehensive privacy program infrastructure to maintain compliance with the GPDR, it may be relatively easy to leverage your work to deal with CCPA and LGPD compliance.
In this short paper, we will show how an accountability approach to privacy management can produce compliance outcomes for both the GDPR, CCPA, LGPD and a multitude of other laws with similar compliance obligations.