It was perfect timing, really.
A few hours after yesterday’s “New Jersey is back doing New Jersey things, like trying to kill restrictive covenants” post went live, two of my partners at FisherBroyles reaffirmed that California will always be the true OG with this article, “California Employers, Are You Prepared For Upcoming Data Privacy Changes?”
The California Consumer Privacy Act (CCPA), modeled from the European Union’s General Data Protection Regulation (GDPR), exempts human resources and business-to-business personal data from the full scope of CCPA’s requirements. However, the HR and B2B exemption expires on January 1, 2023, when the California Privacy Rights Act takes effect and amends the CCPA (CCPA/CPRA).
How should employers that do business in CA prepare?
Since I don’t practice law in California, my advice would be to leave the state. Except, having been to San Diego, this East Coaster can confirm that four seasons are overrated, and I wouldn’t mind relocating there for a lifetime supply of good weather and fish tacos.
While two pending bills propose to extend the HR and B2B exemption, So, I can understand how that January 1, 2023 deadline still looms large for plenty of businesses.
So, check out “California Employers, Are You Prepared For Upcoming Data Privacy Changes?” for some considerations for updating CCPA/CPRA compliance programs and protocols.