The California Consumer Privacy Act (CCPA) creates new consumer rights related to accessing, deleting and sharing of personal information that is collected by commercial businesses. Businesses are subject to the CCPA if they meet certain thresholds related to their revenue, and the amount of personal information the business buys, receives or sells.
California businesses already required to be HIPAA compliant are exempt from the CCPA, but the exemption only applies to protected health information (PHI). If there is personally identifiable information collected through other means and purposes, that information must be considered under CCPA.
Drawing on our deep knowledge of both HIPAA and the CCPA, Clearwater’s team of privacy experts can help you identify potential landmines with the new state-level regulation. Our assessment includes: