Articles

California Consumer Privacy Act: The Need for Data-Centric Security

Martin Kuppinger

The California Consumer Privacy Act (CCPA) is the latest in a series of global privacy regulations. It comes with new requirements for dealing with personal data and is accompanied by severe penalties. Consequently, businesses must take appropriate action to comply with CCPA. While handling consent and opt-outs are at the forefront, successful mitigation of risks starts with data-centric security – it is about understanding where personal data resides and encrypting or anonymizing that data whenever possible. This is where technology, such as data tokenization becomes an essential element for every business.