The Next Big Thing in Data Privacy: What Associations Need to Do to Plan for the California Consumer Privacy Act

What does your association need to know about the California Consumer Privacy Act?

By Evan Hendershot — Digital Marketing Specialist

North Americans are less aware of their country’s data protection and privacy rules than any other region in the world, according to a 2019 study. But that lack of awareness, relative to other regions, is for good reason.  

The European Union’s General Data Protection Regulation (GDPR) caused a bit of a stir when it went into effect in 2018, but was largely avoided by associations or other organizations who do the overwhelming majority of their business in the United States. A new initiative, the California Consumer Privacy Act (CCPA), however, will not be so easily avoided for organizations in the States. 

Before we dive into the top tips to prepare your association for the CCPA, it’s important to review the basics of the initiative. Essentially, the initiative gives Californians the right to: 

  • Request an explanation of how and why their personal data is being collected. 
  • Refuse consent for organizations to sell their data. 
  • Request that a company delete their personal identifying information from their database. 

As an association with your fair share of data, and possibly many Californian members, the CCPA (which goes into effect on Jan. 1, 2020) is certainly worth preparing for. 

So, what are the next steps your trade or professional association needs to know to prepare for the CCPA? If you’re already abiding by GDPR, you’re more than likely covered. For anyone else, or those who could use a refresher, Microsoft recently released a guide for the CCPA. Here are a few of our top takeaways from the guide. 

Establish Processes 

Let’s imagine that a member wants their data deleted from your system, as authorized via the CCPA. If it’s your first request, what do you do? Microsoft suggests that you have the proper procedures established well in advance, giving your team a set of rules to follow in the event that someone requests information on their personal data that exists in your systems. 

Become a Champion of Data Privacy 

More measures like the CCPA and GDPR are inevitable. The internet is still young, and society is working on ways to correct some of its major flaws. So, you may as well embrace data privacy as the wave of the future. 

Among Microsoft’s five tips to planning for the CCPA, this is perhaps the easiest. By simply supporting information privacy and creating a culture where member data is handled responsibly, youorganization will be in a position to successfully navigate future data privacy initiatives. And more are coming — Microsoft’s guide states that the Federal Trade Commission, National Telecommunications and Information Administration and the National Institute of Standards and Technology are all making progress on new privacy laws of their own. 

Keep Association Data Safe from the Start 

The need for greater control over one’s personal information comes on the heels of several major data breaches nationwide, and one can only wonder what would happen if a similar breach were to occur at their own organization. 

As support for more data privacy initiatives increases and the rhetoric surrounding information privacy advances, an association’s ability to maintain a secure database will become even more critical.  

One key measure to keep your member data safe is to find an association management software vendor storing data on the Azure Trusted Cloud via Microsoft Dynamics 365.  

Microsoft spends $1 billion on cybersecurity each year, has 3,500 security professionals analyzing 6.5 trillion global signals daily and blocks 5 billion malware threats monthly. That unparalleled level of security is, in part, why Protech continues to partner with Microsoft to protect the data of associations and their members. 

Final Thoughts 

The internet is still in its infancy, so data privacy initiatives like GDPR and the California Consumer Privacy Act are possibly just the tip of the iceberg. But with proper planning and a secure, trusted cloud to store your member data, the possible challenges created by the CCPA and GDPR are surmountable. 

To learn about more technology trends, check out our webinar featuring Teri Carden, of ReviewMyAMS, “Elevate Your Association With These Tech Tips & Trends.” 

About the Author: Evan is the digital marketing specialist at Protech. He previously served as a reporter and assistant editor at a newspaper in South Dakota, covering topics including technology and state government. For more from Evan, check out this blog post.