- In 2019, 70% of Americans felt their personal information was not as secure as it was five years ago
- HR administrators are most likely to be the first to address requests for data access and erasure.
- Most organizations plan to spend more than $100,000 on privacy solutions, training and workforce.
If you believe in horoscopes, the year 2020 was predicted to be “quite challenging, especially health-wise, but also financially, with obstacles, impediments, and unpredictable situations, which will mainly occur during the first half of the year.”
Maybe we should take astrologers more seriously.
2020 began with the California Consumer Privacy Act (CCPA) providing California residents with data privacy rights like those for EU residents under the General Data Protection Regulation (GDPR). Much like other transformative events including the COVID-19 pandemic, this landmark law is changing the way we live and work. With personal and professional security top-of-mind, concerns around data privacy and protection only continue to increase.
In a 2019 survey by Pew Research Center, 70% of Americans felt their personal information was not as secure as it was five years ago. And while most Americans support the “right to be forgotten,” they admit they have little to no understanding about privacy laws and their data rights.
Individual Privacy Rights
While CCPA defines several individual rights, HR administrators are most likely to address requests for access and erasure. Individuals should be able to call, email or submit these requests on a website or at a physical location.
The Right to Request Access to Information gives individuals the right to request that an organization disclose their personal information in an easily accessible and readable format.
The Right to Deletion entitles individuals to request that a company delete their personal information. There are exceptions like in cases where the data must be retained to comply with business or legal obligations.
Individuals may bring a Private Right of Action against a business for not appropriately protecting their data allowing them to seek damages. An organization may also receive civil penalties for intentional violations of non-compliance.
Data Privacy: The Cost for Employers
Californians have seemingly taken advantage of their new rights. With more people at home and spending time online, the volume of requests has been higher than anticipated. Results from a Truyo study indicate that most companies surveyed honored privacy requests not just from California residents, but from all individuals. In addition to responding to requests, companies must ensure these requests are tracked appropriately including maintaining records of request details and outcomes.
With elevated concerns, tight deadlines to respond and more laws on the horizon, the need for a well-defined privacy strategy is imperative. As a result, most organizations plan to spend more than $100,000 on privacy solutions, training and workforce.
“Adding further to the complexity is the expansion of regulatory compliance. Coming up to two years after the European Commission’s introduction of the General Data Protection Regulation (GDPR), more than a quarter (26%) of IT executives cite ‘ensuring compliance with GDPR and other data protection laws’ among their top-three external challenges.”– Adobe 2020 Digital Trends Report
The horoscope concludes with, “Nothing should be left to chance in 2020, and money, earnings, businesses, and careers need to be protected.” At Ultimate, we’ve developed technology so our customers don’t have to leave the protection of their employee and business data to chance. Plus, it doesn’t require clairvoyance to see how UltiPro® handles privacy management.