Joseph J. Lazzarotti, Jason C. Gavejian, Sean Paisan & Rob Yang of JacksonLewis write:
For the past few years, California’s comprehensive privacy law known as the California Consumer Privacy Act (“CCPA”) included an important partial exemption for employees, applicants, and independent contractors (collectively, “workforce members”). The California Privacy Rights Act, which amended the CCPA, extended the exemption through December 31, 2022. While many expected the exemption would be extended, the current California legislative session ended on August 31, 2022, without a bill to do so.
The failure to get an extension across the legislative finish line leaves CCPA-covered businesses with not much time to begin expanding their CCPA compliance efforts. Currently, compliance with respect to workforce members, and certain others, is limited. It includes, in general, providing a notice at or before the time of collection of personal information and maintaining reasonable safeguards to protect certain personal information. By comparison, employers will need to, among other things, expand their privacy policy to address workforce members and be ready to respond to the requests of workforce members concerning their rights under the CCPA, including the right to delete their personal information.
Read more at Workplace Privacy, Data Management & Security Report.