CCPA enforcement starts July 1. Are your employee notices in order?


Jun 29, 2020

Ready or not, here it comes. This Wednesday, July 1, California will start enforcing its landmark privacy law -- and businesses face costly penalties and lawsuits if they're not ready. The California Consumer Privacy Act (CCPA) took effect January 1 but businesses had a six-month grace period to get their data handling practices up to code.

Unfortunately, those new requirements have been easy to overlook in the midst of a pandemic and ongoing quarantine measures. California's Attorney General has pledged to start enforcement this week regardless.

While the government is expected to focus its fire power on tech giants, companies of all sizes are still vulnerable to lawsuits and penalties. In fact, small and medium-sized businesses have borne the brunt of complying with CCPA. And our research indicates many employers have yet to comply with a CCPA requirement to send their California workers a privacy notice.

Until recently, U.S. companies had virtually no restrictions on what they do with employee data. Now they must inform California workers what data they're collecting and why -- and can be sued if that information is part of a data breach.

Rippling is the only company that automates CCPA privacy notices for your workforce.

last edited: March 26, 2024

The Author

Vanessa Wu

Rippling General Counsel

Vanessa is based in San Francisco and serves as the General Counsel at Rippling, where she oversees the Legal, Compliance, Enterprise Risk, and Internal Audit teams. Before Rippling, she advised on high-stakes litigation in private practice, and served as the GC of publicly-traded technology company.