50% of US Organizations Not Prepared for CCPA

by | May 10, 2019

According to a report released by the International Association of Privacy Professionals (IAPP) and OneTrust, prior to the California Consumer Privacy Act (CCPA) becoming enforceable on  January 1, 2020, nearly 50% of all companies will not be ready to comply with CCPA.

The groups reviews how ready US organizations are for the new regulations and found that reputation and consumer privacy are the biggest drivers for CCPA compliance. Despite this just 55% of companies say that they will be ready by the January go live date.

Rita Heimes, IAPP research director and data protection officer, said in a press release: “Our survey targeted a community of well-informed privacy professionals, and even they seem a bit caught off guard by the CCPA. Nevertheless, they seem to think it’s not likely to be replaced by a federal law any time soon.”

25% of the firms reviewed thats that they will be in compliance by the enforceable date of July 1, 2020.

Kabir Barday, OneTrust CEO and fellow of information privacy (FIP) said:  “The CCPA is a major moment for the U.S. privacy landscape, and our research reveals companies that didn’t need to overhaul privacy practices for GDPR compliance are now struggling to meet the CCPA’s 2020 deadline. With OneTrust, organizations can simplify this compliance process and implement an automated and research-backed technology solution to fast-track their efforts and efficiently meet CCPA requirements, including the 12-month ‘look back’ clause which forces companies to handover consumer data handling practices as far bas as January 2019. We’ve already seen a massive increase in customer interest in the CCPA, and are helping many organizations make the necessary CCPA operational changes to leverage the new law as a stepping stone for building a global privacy program.”

There was, according to the report, a link between those companies/organizations that are already in compliance with the EU’s General Data Protection Regulation and their level of preparation for the introduction of CCPA. Among those not yet prepared for the new legislation the main obstacles to being ready cited were a lack of time. On the other side of this coin preserving company reputation was seen a something that is making companies move quickly to ensure compliance.


Raise the level of HIPAA Awareness in your organization with Learner-Friendly, Comprehensive and Affordable HIPAA Training.


Please enable JavaScript in your browser to complete this form.

Patrick Kennedy

Patrick Kennedy is a highly accomplished journalist and editor with nearly two decades of experience in the field. With expertise in writing and editing content, Patrick has made significant contributions to various publications and organizations. Over the course of his career, Patrick has successfully managed teams of writers, overseeing the production of high-quality content and ensuring its adherence to professional standards. His exceptional leadership skills, combined with his deep understanding of journalistic principles, have allowed him to create cohesive and engaging narratives that resonate with readers. A notable area of specialization for Patrick lies in compliance, particularly in relation to HIPAA (Health Insurance Portability and Accountability Act). He has authored numerous articles delving into the complexities of compliance and its implications for various industries. Patrick's comprehensive understanding of HIPAA regulations has positioned him as a go-to expert, sought after for his insights and expertise in this field. Patrick's bachelors degree is from the University of Limerick and his master's degree in journalism is from Dublin City University. You can contact Patrick through his LinkedIn profile:

Raise the level of HIPAA Awareness in your organization with Learner-Friendly, Comprehensive and Affordable HIPAA Training.

Comprehensive HIPAA Training

Used in 1000+ Healthcare Organizations and 100+ Universities

    Full Course - Immediate Access

    Privacy Policy