RKD GroupThinkers Blog

What Nonprofits Need to Know About the CCPA

Written by Justin McCord | Oct 9, 2018 10:49:15 PM

If you’re a U.S. based nonprofit, you need to deepen your understanding of the California Consumer Privacy Act of 2018 (CCPA). This was the second major shift in data privacy and regulation in 2018, after the GDPR’s rollout earlier that year.

The CCPA is legislation that could have adverse effects on nonprofit marketers through online marketing, e-commerce and personal information data processing (both online and offline).  Plus, California is now the world’s fifth largest economy, now surpassed only by the total GDP of the United States, China, Japan and Germany. This heightens the likelihood your nonprofit is receiving donations from the state.

Where can you get up to speed on this legislation?

What do nonprofits need to do now?

First, get educated about CCPA through the resources above.

Second, nonprofits need to assess current data practices and begin forming a data strategy.  CCPA compliance must be in place by January 1, 2020. You’ll need time to establish your baseline and implement new processes, if applicable.

Nonprofits need to move swiftly to understand the impact this legislation could have on your processes.  Risk assessments, analysis of your file (and Google Analytics account) for California residents and refinement of your data processes (including your privacy policy) are all practical steps you should take to help form a data strategy.

RKD Group is not providing legal or insurance advice in this article.  We suggest you consult with your attorneys and insurance provider regarding CCPA soon if you have not already done so.  Those who are proactive will be looked upon as leaders in data security.

**Note: The above content is informative in nature and is not intended as legal advice. As a company that provides professional fundraising consulting services, we retain counsel to ensure compliance with fundraising laws in each applicable state. Questions related to the California Consumer Privacy Act of 2019 (CCPA) and GDPR regulations for US based nonprofits should be directed to counsel that is competent to address such matters.