California Attorney General Xavier Becerra released long-awaited final regulations for the California Consumer Privacy Act (CCPA) on August 14, 2020, that went into effect immediately. The Office of the Attorney General can now fully implement and enforce CCPA, along with these final regulations.
Apartment firms and other organizations that operate in California have been challenged by the process because they were required to comply with CCPA as of January 1, 2020, even as they waited for the rulemaking process to end. There are some notable changes from previous versions of the proposed regulations, including regarding non-disclosed uses of personal information, authorized agents and opt-out requests. NMHC encourages apartments firms to consult counsel on applicability and compliance
In addition to CCPA compliance, firms conducting business in California should be aware of other data privacy activity. As of January 1, 2021, employment-related data and business to business data will no longer be exempted from CCPA. Additionally, Proposition 24, known as the California Privacy Rights Act, will be on the November ballot in California and could impact apartment firms. To learn more about the ballot initiative, visit the California Legislative Analyst’s Office summary.
NMHC and the apartment industry continue to monitor data privacy legislation and had notable successes during the CCPA rulemaking process. After NMHC filed comments on the proposed CCPA regulations, California Attorney General Becerra made some changes to the regulations that address the industry’s concerns.
The number of state data security and privacy standards and breach notification requirements have created a significant compliance challenge for apartment firms. To reduce this compliance burden, NMHC is actively supporting a federal data security and privacy standard.
NMHC has long argued that any standard must be scalable, account for the scope and size of the business and the sensitivity of the data in question. To date, bipartisan agreement on privacy and security standards has eluded Congress. It is likely that this impasse will continue throughout 2020, making compliance with the CCPA and other emerging standards critical for multifamily firms of all sizes.
NMHC’s comprehensive white paper on data privacy includes practical considerations for apartment firms so that they can evaluate organizational practices based on common themes found in each of the notable privacy standards that exist today.
For more information on data privacy and security, please visit NMHC’s data privacy and security advocacy page.
Related Articles
- NMHC-NAA Statement for Senate Commerce Hearing on AI & Data Privacy
- Real Estate Coalition Letter to CISA on CIRCIA/Cyber Disclosure Rule
- NMHC-NAA Statement for House Committee on Energy and Commerce on the American Privacy Rights Act
- NMHC-NAA Statement for Senate Commerce Subcommittee Hearing on Data Privacy
- NMHC-NAA Statement for House Appropriations Subcommittee Hearing on Bulk Billing