Last year, following the implementation the EU’s GDPR law, California enacted a piece of legislation called the California Consumer Privacy Act which will go into effect on January 1, 2020.
The California Consumer Privacy Act is seen as the GDPR equivalent for the state, and will require businesses to implement strict data policies to protect consumers and personal information.
Among some of the provisions of the Privacy Act include a consumer’s right to request what types of personal information is being held by a business, a right to decline the sale of personal information, the right to know what information is being used and for what purpose.
For businesses, the new law also places emphasis on data security and protection to ensure that personal data is handled properly. Many of the provisions in the new law are similar to GDPR and businesses will need to implement privacy policies and in cases, have a data compliance officer to ensure data is properly handled.
Due to the nature of this new law, and the subsequent impact it is having on other states, it is a certainty that equivalent laws for other U.S. states will have similar provisions, and require businesses to protect data.
The U.S. is also signatory to the Privacy Shield agreement with the European Union on data transference, and is continuing to work with other countries to protect people’s information when transferred across borders. This affects international businesses that store data in one country, and transfer that information to another in order to facilitate a transaction, a booking, or any kind of data processing activity.
For businesses that want to be fully compliant with new data laws, they can ensure that data is protected through proper erasure and removal processes. By erasing records and personal information with full auditing, an organization can prove to law enforcement and data regulators that it is properly handling information, and securely removing it when no longer needed.
In order to do this, hard drive degaussing and erasure is recommended. Brands and government agencies as well as small businesses can implement data protection and erasure by investing in degaussing equipment that can be used in an office environment. This allows organisations to document their data, and erase hard drives and tapes with full transparency.
You can learn more about data degaussing and see some of our recommended hard drive degaussers which provide the option for businesses to track their data erasure live, and deliver full reports to data compliance officers and regulators.