California Attorney General Xavier Becerra released long-awaited final regulations for the California Consumer Privacy Act (CCPA) on August 14, 2020, that went into effect immediately. The Office of the Attorney General can now fully implement and enforce CCPA, along with these final regulations.
Apartment firms and other organizations that operate in California have been challenged by the process because they were required to comply with CCPA as of January 1, 2020, even as they waited for the rulemaking process to end. There are some notable changes from previous versions of the proposed regulations, including regarding non-disclosed uses of personal information, authorized agents and opt-out requests. NMHC encourages apartments firms to consult counsel on applicability and compliance
In addition to CCPA compliance, firms conducting business in California should be aware of other data privacy activity. As of January 1, 2021, employment-related data and business to business data will no longer be exempted from CCPA. Additionally, Proposition 24, known as the California Privacy Rights Act, will be on the November ballot in California and could impact apartment firms. To learn more about the ballot initiative, visit the California Legislative Analyst’s Office summary.
NMHC and the apartment industry continue to monitor data privacy legislation and had notable successes during the CCPA rulemaking process. After NMHC filed comments on the proposed CCPA regulations, California Attorney General Becerra made some changes to the regulations that address the industry’s concerns.
The number of state data security and privacy standards and breach notification requirements have created a significant compliance challenge for apartment firms. To reduce this compliance burden, NMHC is actively supporting a federal data security and privacy standard.
NMHC has long argued that any standard must be scalable, account for the scope and size of the business and the sensitivity of the data in question. To date, bipartisan agreement on privacy and security standards has eluded Congress. It is likely that this impasse will continue throughout 2020, making compliance with the CCPA and other emerging standards critical for multifamily firms of all sizes.
NMHC’s comprehensive white paper on data privacy includes practical considerations for apartment firms so that they can evaluate organizational practices based on common themes found in each of the notable privacy standards that exist today.
For more information on data privacy and security, please visit NMHC’s data privacy and security advocacy page.
Related Articles
- NMHC-NAA Statement for House Energy and Commerce Subcommittee Hearing on Data Privacy Rights
- NMHC-NAA Ex-parte Letter to FCC on Bulk Billing
- NMHC NAA Comments to FCC on Digital Discrimination
- NMHC NAA House Financial Services Data Privacy Letter
- NMHC NAA House Energy and Commerce Data Privacy Letter