Some business owners operate under the belief that as long as their firm or business isn't the victim of a successful cyberattack they won't face any consequences for failing to comply with required rules and regulations. As the Federal Trade Commission's announcement this morning of a settlement with Medable, Inc., shows, however, that isn't the case. 

In January 2020, law firms and their clients doing business with Californians will need to ensure they are complying with the state's new consumer privacy protection law. While enforcement does not begin until mid-year, firms should determine whether they or their clients are regulated under the new law, identify any necessary compliance measures they are lacking and begin their implementation now.

Last week, we looked at the businesses covered by the CCPA. Now, let's look at what they need to do to prepare for compliance.

In January 2020, law firms and their clients doing business with Californians will need to ensure they are complying with the state's new consumer privacy protection law. While enforcement does not begin until mid-year, firms should determine whether they or their clients are regulated under the new law, identify any necessary compliance measures they are lacking and begin their implementation now.

Last week, California Attorney General Xavier Becerra released to the public  proposed regulations under the California Consumer Privacy Act (CCPA).