skip to Main Content
The CCPA is an opportunity to get your data security house in order

As California’s privacy legislation goes into effect, it’s time to take stock of your security strategies around data and think about the future. The trend towards greater privacy is set to continue.

The big data grab drove companies to stockpile data, with little thought of how to use it, and even less thought about how to properly secure it. People everywhere are growing more conscious of the data they share, who collects it, and how it is handled. This rising awareness has sparked legislation designed to safeguard sensitive data, but these new laws aren’t just boxes to tick off, they represent an important trend that businesses need to get on board with.

Like the EU’s General Data Protection Legislation (GDPR), the California Consumer Privacy Act (CCPA) is a far-reaching attempt to enshrine new rights for people around their data. Everyone should be able to see what data is being collected, for what purpose, and to decide that they don’t want to share data without penalty.

You could study what the CCPA means for your business and work out how to comply in fire-fighting mode, then wait for the next piece of data legislation. But that’s short-term thinking, and it will cost you more in the long run. The smarter move is to use the CCPA as a springboard to re-examine your data security efforts, fundamentally change the way you collect and use sensitive data and get your house in order.

There are three key areas to consider: how you collect data, how you store data, and how you distribute data.

Interrogate your data collection                                                    

The tide has changed on sensitive data, and the GDPR and CCPA are just the first couple of waves. It would be safe to assume that regulations will continue to tighten, and more laws will follow. By re-examining the data your business collects and thinking critically about the value it represents, you can decide how much of it is necessary. You may find it is better to stop collecting some kinds of data.

Talk to all key stakeholders about the data your business is collecting. Identify the critical data for your business processes and cross-reference that with all the personal data you collect on people that falls under the CCPA. Consider that any personal data you collect about people and their habits, from email addresses to browsing history to specific preferences, is data that you’re going to have to make accessible on request.

Once you have a map of the data that’s essential to your business, you can start thinking about how to classify, store, move, and protect it.

Secure your data storage

The potential cost of a data breach is enormous and that’s why companies already have all kinds of security measures in place to protect most of the sensitive data they hold, such as credit card numbers, birth dates, and addresses. Despite this, there are still some kinds of data that may not be as protected as they should be, and there are also times when data is not transferred securely, or when data is used in other environments insecurely.

Michelle Drolet

Michelle Drolet

Michelle Drolet is founder of Towerwall, a woman-owned cybersecurity and cannabis compliance services provider in Framingham, Mass., with clients such as CannaCare, Smith & Wesson, Covenant Healthcare and many mid-size organizations. She can be reached at [email protected].

 

 

This Post Has 0 Comments

Leave a Reply

Your email address will not be published. Required fields are marked *

Recent Stories

Virginia governor vetoes marijuana market bill

A push to establish a legal marijuana market in Virginia is officially dead after Republican Gov. Glenn Youngkin vetoed legislation on Thursday. Virginia has allowed adults over 21 to possess and cultivate…

CDTFA Cannabis Creditor: Myths and Truths

By Hilary Bricken, Attorney at Husch Blackwell Dealing with creditors is never a fun experience. However, some creditors are more severe than others, especially in the cannabis industry. One of…

If FL Supreme Court approves cannabis ballot language, will voters go for recreational weed or not?

The long wait on whether Floridians will get a chance to vote to legalize recreational cannabis for adults 21 and older is almost over, as the Florida Supreme Court is…

Missouri strips marijuana licenses connected to company accused of predatory behavior

Missouri’s health department on Wednesday stripped two coveted marijuana micro-licenses tied to an out-of-state company that had been accused of predatory practices and had listed the licenses for resale. The…

More Categories

Back To Top
×Close search
Search