As readers of this blog well know, on January 1, 2020, the California Consumer Privacy Act (“CCPA”) will go into effect. Businesses must be prepared to comply with the CCPA in order to avoid civil penalties of up to seven thousand five hundred dollars ($7,500) per violation. The first step in that CCPA compliance preparation is determining whether the CCPA even applies to your business.

What businesses must comply with the CCPA?

CCPA Compliance for Businesses

The following businesses must comply with the CCPA: sole proprietorships, partnerships, limited liability companies, corporations, associations, and other legal entities (excluding not-for-profits, governmental entities, HIPPA covered entities and certain healthcare providers), that: 1) do business in the State of California; 2) collect California State residents’ personal information; and 3) satisfy at least one of the following thresholds:

  • Annual gross revenue of over $25 million;
  • Buy, receive, sell or share the personal information of 50,000 or more consumers, households or devices for commercial purposes each year; or
  • Derive 50% or more of annual revenue from selling consumer personal information.

Time to get Ready

Since the passage of the CCPA on June 28, 2018, we have blogged about the CCPA compliance measures that need to be taken in order to assure a liability free transition on January 1, 2020.