Heather Buchta featured in “10 things you need to know about CCPA compliance”Compliance Week Magazine 11/19/19
Below is an excerpt:
To some degree, California’s statute “represents a shift in perspective” for data", observes Heather Buchta, a partner at the law firm Quarles & Brady. "Courtesy of California’s state legislature, we as a society are evolving from looking at data as a company asset and moving toward “a consumer rights mentality,” Buchta says. "Still, businesses cannot afford to dither about compliance.
8. Figure out where your data is. Don’t forget “offline” data—the sort that’s in the real world. The CCPA regulations “clearly push data privacy disclosures into the offline realm, including onsite consumer interactions,” Buchta cautions.
9. Review vendor contracts. “Figure out which vendors have access to any personal information, pull the contracts, and double check the data use language,” Buchta adds. Put amendments in place “to give you the contractual protections you need for data restrictions,” she says.
10. Train Employees. “Personnel need to understand their privacy program so they can help reduce risk for the business, both from a process perspective and a customer communications perspective,” Buchta says.