CCPA is a California state law intended to enhance the privacy rights and consumer protection for its residence. A key aspect of the CCPA is that businesses take “reasonable measures” to secure consumers’ personal and identifiable information (PII) – such as names, addresses, social security numbers, credit card numbers, credit scores, and bank account numbers.
The California Attorney General defines “reasonable measures” as compliance with the 20 controls established by the Center for Internet Security (CIS). The implementation and ongoing management of these IT best practices are essential to keeping a dealer’s data, systems, and finances secure. The implementation of these best practices not only mitigates the risk of a cybersecurity breach but also enhances the dealership’s ability to sell and service more cars and trucks. However, most dealers do not comply. In California, not complying with these best practices now has consequences.
Beginning July 2020 CCPA is now enforceable. This means the lawsuits are starting. The law now has teeth. Further, there will likely be a ballot measure in November calling for the creation of the California Privacy Protection Agency. If passed – which appears to be highly likely – then the agency would staff privacy professionals to enforce CCPA. California isn’t messing around when it comes to the privacy and protection of consumer information.
The implementation of the IT best practices that are required to claim that “reasonable measures” have been taken to secure consumer data can’t be done overnight. It’s much more than just adding a privacy clause to your website. To learn about what it takes to implement these IT best practices, Erik Nachbahr (Founder & President, Helion Technologies) recently did a webinar to explain. The webinar called Dealer IT Best Practices; Protecting Against Cybercrime and Boosting Productivity describes a practical step-by-step process that dealers can take to attain CCPA compliance, mitigate their risk of a cybersecurity breach, and boost dealership productivity.
CCPA has implications for dealers nationwide. There is a consumer data privacy revolution underway and laws like CCPA are spreading across the country. In fact, there is talk of the creation of a federal consumer privacy law that will be tougher than CCPA. The implementation of IT best practices is beneficial for every dealer – not just those in California.
We live in a dangerous world and cybercrime is exploding. Forcing businesses to up their game regarding their cybersecurity defenses isn’t a bad thing. This is needed and the time to act is now.