The CCPA has been up and running for a couple of years now, with changes coming in 2023 with the amendments from the Consumer Privacy Rights Act (CPRA).  While a federal law is always being teased and
other states coming online in 2023, California remains the state privacy law by which to assess and manage compliance when processing personal data.

So, as you might imagine, loads of questions and anxiety over the country’s most comprehensive state privacy regulation continue to keep us busy.  This prompted us to provide a simple 3-step process to determine if the law applies to your business (now, in 2023, or beyond), what you need to do to meet the law’s requirements, and how to begin considering a national approach to data privacy governance.  While no summary can capture every aspect of developing a compliance plan, we hope the following resources are helpful in getting your arms around managing privacy and meeting the (applicable) requirements of the California laws.

Again, as always, seek qualified legal counsel whenever making determinations about your company’s legal or compliance obligations.  Taft’s Privacy and Data Security Practice stands ready to assist you with a risk-based, common-sense approach to your data governance needs.  Stay tuned to Privacy and Data Security Insights for more on California and all things privacy, and don’t forget to download our free mobile app, to give you quick, real-time access to PDS content and updates.

Print:
Email this postTweet this postLike this postShare this post on LinkedIn
Photo of Scot Ganow Scot Ganow

Scot is a partner at Taft and is chair of the firm’s Privacy, Security, and Artificial Intelligence Practice.  As a former chief privacy officer leveraging more than 10 years of management and compliance experience in Fortune 500 companies prior to law school, Scot…

Scot is a partner at Taft and is chair of the firm’s Privacy, Security, and Artificial Intelligence Practice.  As a former chief privacy officer leveraging more than 10 years of management and compliance experience in Fortune 500 companies prior to law school, Scot brings a diverse business background to his practice at Taft.  Scot represents clients in a variety of sectors, including consumer reporting, construction, healthcare, broadband services, and manufacturing.

Read more about Scot GanowScot's Linkedin Profile
Show more Show less
Photo of Zenus Franklin Zenus Franklin

Zenus has wide-ranging experience with data governance and information technology, which brings a unique and vital perspective to his practice. He advises clients on data privacy matters, such as risk management, policy development, training, audits, website privacy policies and terms of use, website…

Zenus has wide-ranging experience with data governance and information technology, which brings a unique and vital perspective to his practice. He advises clients on data privacy matters, such as risk management, policy development, training, audits, website privacy policies and terms of use, website cookies, M&A due diligence, and data breach and incident response management. His expertise spans federal privacy regulations such as HIPAA, GLBA, FCRA, TCPA, FERPA, and COPPA, along with state laws governing the processing of personal information, such as the California Consumer Privacy Act and state Data Broker laws.  Additionally, Zenus provides guidance to clients on global data privacy matters, including the GDPR.

Read more about Zenus FranklinZenus's Linkedin Profile
Show more Show less
Related Posts
A Deeper Dive Into California’s App Store Accountability Law
March 23, 2026
New CCPA Risk Assessment Requirements Now In Effect
February 3, 2026
New App Store Accountability Laws in 2026: If Your Business Has an App, Read On
December 1, 2025