What does a Human Resources Director need to know about the CCPA?

BCLP
Contact
LinkedIn
Facebook
X
Send
Embed

The CCPA applies to the personal information of the California employees of a business that is subject to the statute.  The specific rights afforded to employees were set to phase-in throughout 2020. 

The following summarizes the top operational impacts that the CCPA has upon human resource departments:

  1. Privacy notices. Under the CCPA, employers are required to provide California employees with privacy notices that, among other things, itemize the categories of personal information collected, shared, and sold about the employee.1 
  2. Access rights. Under the CCPA, California employees are permitted to request access to the personal information that the employer has collected about the employee.2
  3. Deletion rights. Under the CCPA, California employees are permitted to request the deletion of the personal information that the employer has collected from the employee.3 Note that the CCPA does not require that employers grant such requests in all situations. 
  4. HR benefits providers. Under the CCPA, an employer must stake steps to verify that by providing personal information about California employees to benefits providers it is not “selling” personal information as that term is defined in the statute. If a sale does occur, the employer must disclose the sale to the employee and offer them the ability to opt-out of the sale through a “Do Not Sell” mechanism.
  5. Data security breach. Under the CCPA, if the sensitive information of a California employee (e.g., Social Security Number) is breached as a result of the employer’s inadequate data security, an employee may be able to initiate suit to recover statutory liquidated damages.4

For more information and resources about the CCPA visit http://www.CCPA-info.com. 

This article is part of a multi-part series published by BCLP to help companies understand and implement the General Data Protection Regulation, the California Consumer Privacy Act and other privacy statutes.  You can find more information on the CCPA in BCLP’s California Consumer Privacy Act Practical Guide, and more information about the GDPR in the American Bar Association’s The EU GDPR: Answers to the Most Frequently Asked Questions.

1. CCPA, Section 1798.100(b); 1798.130(a)(5)(b).

2. CCPA, Section 1798.110(a)(1) – (5).

3. CCPA, Section  1798.105(a).

4. CCPA, Section 1798.150.

[View source.]

Send Print Report

DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.

© BCLP | Attorney Advertising

Written by:

BCLP
BCLP
Contact
more
less

BCLP on:

Reporters on Deadline

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign Up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
Custom Email Digest
- hide
- hide