Professionals

Name / Keyword Office Practice Industry Language Show All
Practices

Business and Corporate

Construction

Coronavirus (COVID-19): Navigating the Path Ahead

Data Protection, Privacy and Cybersecurity

Emerging Companies

Environment, Social and Governance (ESG)

Financial Services

Global Business

Government Enforcement and Investigations

Government Relations and Public Policy

Health Law

Hospitality

Immigration

Intellectual Property

Labor & Employment

Litigation

Mergers and Acquisitions

Product Liability and Mass Tort

Real Estate

Securities

Tax

Transportation and Logistics
Industries

Automotive

Aviation and Aerospace

Construction

Disaster Recovery and Government Services

Drug, Device and Life Sciences

Education

Energy

Financial Services

Gaming

Governmental Entities

Health Care

Hospitality

Long Term Care

Manufacturing

Real Estate

Retail

Telecommunications

Transportation and Logistics
Experience

Featured Case Study
Community Healthcare Trust Incorporated Community Healthcare Trust Incorporated More Case Studies

Search Experience
Keywords Practice Industry
News & Events

Professionals
Practices
Industries
Experience
News & Events
Other Pages

Quick Results

View More Results

Practices

The California Consumer Privacy Act of 2018 (CCPA)

Print Version

The CCPA is an expansive privacy law that will provide consumers with certain privacy rights and more control over personal information that businesses collect about them.

Featured Video

What to Do in 2022 – Privacy and Data Protection for the New Year January 28, 2022

Why Baker Donelson?

More than 30 attorneys on our Privacy and Information Security Team

Listed as a BTI Cybersecurity & Data Privacy 2020 "Leading Law Firm"

Practice Overview

The law stands to have far-reaching consequences for many businesses across the country. Although the CCPA is similar to the GDPR, each has unique requirements. As a result, even businesses that have already addressed their GDPR compliance obligations will need to review their data activities before they undertake new data privacy efforts.

Important Dates

January 1, 2020: CCPA will go into effect (with a 12-month lookback period)
Spring 2020: Final regulations from Attorney General will be issued
July 1, 2020: Attorney General will begin enforcement

Baker Donelson's Data Protection, Privacy and Cybersecurity attorneys have extensive experience helping our clients comply with privacy laws in the U.S. and around the globe. Our team members work with businesses to help them understand the impact that CCPA and other state law will have on their business (even if they are outside of California).

As with all privacy laws, businesses need to understand and identify the data that is impacted and determine what updates to their privacy policies will need to be made to be in compliance. Our team of privacy attorneys work with clients across industries to assist in:

Strategic planning with respect to data inventory and mapping
Compliance readiness assessments, including privacy and data security gap assessments
Preparation of privacy notices
Compliance program development, implementation and training
Risk management, including vendor diligence and contracting
Identifying, engaging and managing IT consultants and solutions

Industry sectors that we provide guidance include:

Advertising, marketing and digital media
Financial services/wealth management
Health care
Hospitality
Human resource services including employee benefit providers
Manufacturing, including automotive
Professional services organizations
Real estate
Retail
Software and Software-As-a-Service providers

Assisted national ecommerce and brick-and-mortar retailers in developing strategic plans with respect to data inventory and mapping activities.
Worked with international data and analytics company and national laboratory company to determine CCPA applicability based upon their operations.
Prepared revised privacy notices for retailers, distributors, and software companies.
Counseled national commercial financing company with respect to CCPA preparedness planning.
Worked with health care vendors to determine interplay of individual rights afforded under CCPA and those provided under HIPAA.
Worked with national automobile dealer to develop strategic plan for CCPA and assist with vendor contracts.
Counseled national investment management company on CCPA applicability to multiple business operations.

"New Legislation Will Require Critical Sector Entities to Report Certain Cyber Incidents," republished April 7, 2022 in CPO Magazine (March 2022)
"California Privacy Law Update: CCPA Amendments Announced and CPPA Board Members Appointed," republished April 8, 2021 in Corporate Compliance Insights (March 2021)
"How California's New(er) Privacy Legislation Will Affect U.S. Businesses," republished November 18, 2020 in Corporate Compliance Insights (November 2020)
"CCPA Final Regulations Submitted – What Does Your Business Need To Do?" (June 2020)
"Data Privacy Day 2020 – What Actions Businesses Can Take," (January 2020); republished in Corporate Counsel (February 2020)
"California Privacy Regulations Released: Guidance and the Addition of New Requirements" (October 2019)

What to Do in 2022 – Privacy and Data Protection for the New Year (January 2022)
The California Privacy Rights Act and Financial Institutions (March 2021)
California Consumer Privacy Act Essentials for Broker-Dealer and Investment Advisory Firms (December 2019)
California Consumer Privacy Act Essentials for Financial Institutions (November 2019)

Baker Donelson's Matt White Earns Certified Information Privacy Technologist Certification (August 30, 2022)
Privacy and Technology Attorney L. Hannah Ji-Otto Joins Baker Donelson (August 17, 2022)
Baker Donelson Continues to Expand Its Technology & Privacy Practice with Addition of Vivien F. Peaden in Atlanta Office (August 4, 2021)
Baker Donelson's Alex Koskey Earns Payment Card Industry Professional Certification (May 17, 2021)
Baker Donelson's Matt White Earns Payment Card Industry Professional Certification (March 22, 2021)
Baker Donelson's Andrew J. Droke Earns Information Privacy Certification (July 16, 2020)

Newly Elected Nashville Shareholders Bert Chollet, Andy Droke and Ryan Richards Featured in Nashville Post (April 18, 2022)
Law360 Highlights Addition of Vivien Peaden to Firm's Privacy and Technology Practice (August 5, 2021)
Alisa Chestler Comments on Recent OCR Right of Access Settlements in Hospital Access Management (November 10, 2020)
Alisa Chestler Featured on AUA Inside Tract Podcast on Understanding COVID-19 HIPAA Relief Provisions for Telehealth (March 31, 2020)
Alisa Chestler Discusses Continued Emphasis on Cybersecurity and Data Privacy Law During 2020 in Law360 (January 1, 2020)
Alisa Chestler Featured on HealthcareInfoSecurity Discussing Data Privacy and Security Trends (November 13, 2019)

What to Do in 2022 – Privacy and Data Protection for the New Year (January 28, 2022)
California Consumer Privacy Act Essentials for Broker-Dealer and Investment Advisory Firms (December 10, 2019)
California Consumer Privacy Act Essentials for Financial Institutions (November 12, 2019)

Key Contacts

Alexander F. Koskey, CIPP/US, CIPP/E, PCIP

T: 404.443.6734

Email Professional

Andrew J. Droke, CIPP/US

T: 615.726.7365

Email Professional

View All Professionals in this Practice

Related Practices

Featured Media

Baker Donelson's Matt White Earns Certified Information Privacy Technologist Certification

Press Release / August 30, 2022

Privacy and Technology Attorney L. Hannah Ji-Otto Joins Baker Donelson

Press Release / August 17, 2022

Newly Elected Nashville Shareholders Bert Chollet, Andy Droke and Ryan Richards Featured in Nashville Post

News / April 18, 2022

Search By Last Name

A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Baker Donelson is a national law firm with more than 650 attorneys and public policy advisors representing more than 30 practice areas to serve a wide range of legal needs. Clients receive knowledgeable guidance from experienced, multi-disciplined industry and client service teams, all seamlessly connected across 23 offices in Alabama, Florida, Georgia, Louisiana, Maryland, Mississippi, North Carolina, South Carolina, Tennessee, Texas, Virginia, and Washington, D.C.