Account
Get our app
Account Start free trial Log in

Don't risk a tax mistake

Focus on what you do best—we’ll take care of the rest. Get expert tax filing tailored to your needs with Rocket Tax.

Don't risk a tax mistake

Get started

Steps to CCPA compliance

While many small businesses will not meet the criteria of companies impacted by the law, there are several steps that business owners can take to ensure they are compliant by the time the law's enforcement period begins:

1. Understand the scope of the law

First, you must understand the law itself. Most importantly, you must understand the broad definition of "personal information", which is defined as any information which "identifies, relates to, describes, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household." Personal information includes, but isn't limited to:

  • Personal identifiers (names, aliases, addresses, e-mails, SSN, driver's license number, etc.)
  • Biometric information
  • Geolocation
  • Employment information
  • Commercial information
  • Internet or network activity
  • Audio, electronic, visual, thermal, or olfactory information
  • Education information that is not publicly available personally identifiable information
  • Information that may be inferred from any of the above

2. Train your employees

The CCPA requires employees who handle customer requests about data privacy practices (deleting information, opting out, etc) and employees who are responsible for the company's compliance to undergo specific training to understand the law. Generally, this statute will require training of all customer service representatives and whoever handles legal compliance. 

It is recommended that you know which employees have roles handling personal data to ensure that everyone who has to go undergo training completes it. Employee training should start well before the enforcement begins to help ensure that you are not fined any of the violation fees or end up with a consumer lawsuit. 

3. Understand the penalties

The penalties for not being CCPA compliant go up to $7,500 per intentional violation and $2,500 for unintentional violations which are enforced by the California attorney general. Consumers also have the right to pursue their own individual action against non-compliant businesses, and they can sue the company if a data breach occurs due to carelessness. 

Although it may seem daunting at first, if you divide your effort into these easy and manageable steps, you will be on the path of CCPA compliance. If you have questions about CCPA compliance, ask a lawyer

This article contains general legal information and does not contain legal advice. Rocket Lawyer is not a law firm or a substitute for an attorney or law firm. The law is complex and changes often. For legal advice, please ask a lawyer.


Ask a Legal Pro

Our Legal Pros are here for you.
Characters remaining: 600
Meet our featured Legal Pros

Try Rocket Lawyer FREE for 7 days

Get trusted legal help at a price that works for you. Your free 7-day trial includes:

Unlimited documents & signatures
Personalize, RocketSign®, and share any legal document you need

Business filings made simple
Start your business, stay compliant, and protect your ideas — all in one place

Ask a Legal Pro
Get answers to your legal questions or have your documents reviewed by a Legal Pro

Retain a Legal Pro
Get personalized help for more complex legal matters

Member-only savings
Enjoy exclusive discounts for Legal Pro services and partner offers

Legal help, anywhere
Use our free app to get legal support whenever and wherever you need it