I’m sure by now you’ve heard of GDPR and some of the large-scale data breaches that have occurred within it. If you haven’t heard of the GDPR, you’ve been living under a rock, or you’re like me, a United States citizen (it’s amazing how little we know about this oncoming train). If you’re seeing the four letters GDPR strung together for the first time, then you better jump on learning about it right now. Why? Let’s string together more letters — CPPA. That stands for the California Privacy and Protection Act. That’s a law modeled off the GDPR that goes into effect in 2020 (yeah, in nine months).
Compliance Isn’t Always Spelled GDPR
Maybe you’re not in an EU country and you don’t have any person’s data from there. Maybe you think that the CPPA won’t apply to you because you’re not in California and don’t have any person’s data from that state. However, do you collect credit card information? Are you compliant with the PCI rules? That’s the Payment Card Industry, by the way.