The California Consumer Privacy Act, set to take effect Jan. 1, 2020, will substantially change what companies doing business with California residents are able to do with their customer data. And although financial institutions subject to the Gramm-Leach-Bliley act are exempt from CCPA, the exemption is not entity-wide. Banks will need to ensure that any operations not subject to GLBA are compliant with CCPA’s requirements. A new article on ABA Risk and Compliance unpacks the intricacies and ambiguities of the law.
“Although the CCPA’s GLBA exemption will cover many types of personal information collected by GLBA-regulated entities, there are still gaps that financial institutions will need to address to ensure CCPA compliance,” write the authors, who are attorneys at the law firm Husch Blackwell. Banks' marketing activities, commercial or business-purpose loans, employee information and consumer data security may fall into these gaps, they explain.Read the article.