© 2019 SourceMedia. All rights reserved.

Few organizations ready for new California data privacy regulations

With less than 10 months to the deadline for complying with the California Consumer Privacy Act, only 14 percent of U.S. companies are compliant and 44 percent have not yet started the implementation process.

That is the finding of a new report from research firm Dimensional Research and privacy technology provider TrustArc. As part of the research, the companies surveyed 250 IT and privacy/legal professionals online from in February 2019.

Of those companies that have worked on General Data Protection Regulation (GDPR) compliance, 21 percent said they were compliant with CCPA. That compares with to only 6 percent of companies that did not work on GDPR.

calif regs.jpg
Coaxial cables connect to a computer server unit inside a communications room at an office in London, U.K., on Monday, May 15, 2017. Governments and companies around the world began to gain the upper hand against the first wave of an unrivaled global cyberattack, even as the assault was poised to continue claiming victims this week. Photographer: Chris Ratcliffe/Bloomberg

CCPA is set to be the toughest privacy law in the U.S., the report said, broadly expanding the rights of consumers and requiring businesses to be significantly more transparent about how they collect, use, and disclose personal information.

The CCPA compliance deadline is Jan. 1, 2020 and will impact tens of thousands of businesses worldwide that have customers or employees located in California.

Other key findings of the study: 71 percent of companies expect to spend more than six figures to comply with CCPA, and one in five expect to spend more than $1 million to achieve CCPA compliance. For companies that were not affected by GDPR, 79 percent will spend more than six figures to comply with CCPA, compared with 61 percent that have worked on GDPR compliance.

For reprint and licensing requests for this article, click here.