California Consumer Privacy Act: What Businesses Need to Know

California Consumer Privacy Act: What Businesses Need to Know

Considered the U.S.' broadest and most comprehensive consumer privacy and data protection law, see how your business can comply with the California Consumer Privacy Act.

What Is the California Consumer Privacy Act?

The California Consumer Privacy Act (CCPA) is considered the country’s broadest, most comprehensive consumer privacy and data protection legislation. The law went into effect on Jan. 1, 2020 and applies to any for-profit company that processes the data of California residents.
The law covers any data that can identify a single person or household. It also gives consumers in the state the right to:
  • Access data
  • Opt out of data sales
  • Deletion of data
  • Pursue private right of action for data breaches
Companies that must comply with the California privacy law include those that:
  • Have an annual revenue greater than $25 million
  • Obtain personal information of at least 50,000 state residents annually
  • Get half of their annual revenue from selling personal information

How Do You Comply With the California Consumer Privacy Act?

Businesses that don’t comply with the California Consumer Privacy Act face fines and potential lawsuits. So, it’s important to make sure new policies and procedures are in place to ensure you’re following the law. Some of these new processes can include:1
  • Creating or updating privacy notices
  • Revising vendor agreements
  • Developing a process for data deletion
  • Data mapping
  • Training specific to CCPA

Insurance Coverage to Help Cover the California Consumer Privacy Act

Your business’ insurance policies may cover the CCPA. For example, our professional liability insurance policy can help cover claims related to:
  • A data privacy wrongful act
  • Data privacy laws
  • The release of confidential or sensitive personal information
Links from this site to an external site, unaffiliated with The Hartford, may be provided for users' convenience only. The Hartford no controla o revisa estos sitios. La provisiòn de cualquiera de estos enlaces no implica la aprobación o asociación de The Hartford con dichos sitios. The Hartford no es responsable y no ejerce ningún tipo de representación o garantía relacionadas con los contenidos, integridad, precisión o seguridad de cualquier material publicado en dichos sitios. Si usted decide ingresar a sitios que no pertenezcan a The Hartford, lo hace bajo su propia responsabilidad.
The Hartford Financial Services Group, Inc., (NYSE: HIG) operates through its subsidiaries, including the underwriting company Hartford Fire insurance Company, under the brand name, The Hartford,® and is headquartered in Hartford, CT. For additional details, please read The Hartford’s legal notice at
The Hartford Staff
The Hartford Staff
Our editorial team spans writers, researchers, product specialists and subject matter experts. We cover the intersection where best practices and business insights meet.