California’s CCPA law is officially in effect — and it’s just the beginning: The nationwide movement to regulate data protection is on. To better understand what this means for your business, our experts recommend thinking of data protection as a tripod, with the “three legs” of security, privacy and risk. Here’s what you should know about each…


Security: The Basics

Even if it weren’t required by law, securing yourself against cyberattacks should be a top priority for businesses of all types and sizes. And this isn’t a task to be passed on to your IT department, either: Your entire organization needs to get involved. Here’s what you need to know about cybersecurity, and here’s how to get the job done.


Security: The Latest

As if cybersecurity wasn’t already a big enough concern, recent geopolitical events are only elevating the urgency. Businesses in the United States “should expect serious cyberattacks from Iran in the next few months,” according to an “overwhelming majority of experts.” Read more at the Washington Post.


Privacy: The Basics

In addition to protecting sensitive data, the CCPA also restricts how data can be collected and shared. That means businesses have an obligation to disclose what info they’re gathering — everything from name and SSN to online browsing and search history — and to offer people a penalty-free option for opting out. Get more details in this legal analysis from Lexology.



Choose the Right Cybersecurity Framework for Your Organization

Privacy: The Latest

If you think you’re exempt from protecting and sharing consumer data because you don’t do business in California, consider this: Other major states are already following the Golden State’s lead by introducing similar laws, including New York, New Hampshire, Virginia, and others. For example: Here’s an overview of Illinois’ new data privacy act, and here’s a rundown of what Florida’s got planned.


Risk: The Basics

In addition to imposing government penalties, the new laws empower consumers to take legal action when their info is compromised, compounding the risk for businesses that fail to comply. The first step in mitigating this risk is creating a trail of proof to satisfy government officials and other third parties in the event of a breach or audit. What’s your risk level? Find out here.


Risk: The Latest

Even outside of California, businesses across the U.S. are at risk for civil suits for failing to protect data – For instance, the Georgia Supreme Court recently ruled to allow a case against a medical clinic “for negligence, breach of implied contract, and unjust enrichment” for failing to protect patient data. Jurist Legal News has more details.

Need help achieving cybersecurity? Call Omnistruct at (916) 484-1111 or contact us here!

Are you prepared to comply with new data regulations?

Request a free 15-minute consult to learn how Omnistruct can help you understand your organization’s vulnerabilities, evaluate your risk, and measure key cyber KPIs to achieve and improve continuous cyber compliance.

Book a Free Consult