Thus, employers should carefully review their information security policies and procedures to reduce the risk of a security breach of employees’, applicants’, directors’, contractors’, and others’ personal information. Before the CCPA, many security breach class actions were unsuccessful because individuals could not adequately demonstrate that they were harmed by the breach. The CCPA’s security breach provisions will substantially increase the risk to employers for handling the personal information of employees, applicants, directors, contractors, and other personnel. The CCPA is aimed towards bolstering consumers’ privacy rights by instituting notice, storage, retention, security, and other requirements related to collecting consumers’ personal information. This counsels for review of all online and hard-copy forms used to collect personal information, such as employment applications, new hire paperwork, benefits enrollment materials, and other documents.
On January 1, 2020, the California Consumer Privacy Act (CCPA), a consumer-friendly privacy law inspired by the European Union’s General Data Protection Regulation, is set to take effect. The CCPA is aimed towards bolstering consumers’ privacy rights by instituting notice, storage, retention, security, and other requirements related to collecting consumers’ personal information.
Although the CCPA is expressly directed at consumer privacy, it also has implications for employment-related data. Because the CCPA defines “personal information” broadly, courts may interpret...
Read the full article @ Cannabis Law Report