11 Things Businesses Should Know About the California Privacy Rights Act

Cybersecurity and Privacy   |   Technology   |   March 1, 2021
Share Share Page

Carlton Fields cybersecurity attorneys Christina Gagnier and Joe Swanson were interviewed in a CISO Mag article on their top tips for companies preparing for the recently passed California Privacy Rights Act (CPRA).

The two attorneys advise that the CPRA should be seen as the “CCPA+” and businesses should turn their attention immediately to the additions that are being put in place to secure compliance and avoid any penalties. 

Gagnier gives insight into the new obligations, such as an expansion of private right of action, a reduction in the cure period for companies, and two other rights: the right to correct and a right regarding data minimization.

Additionally, Swanson suggests that all businesses adopt a data breach response plan outlining how incidents are reported internally, and then triaged and escalated to internal team members and external providers, if they haven’t done so already.

Subscribe to Publications

Media Inquiries

Contact the Media Team


The information on this website is presented as a service for our clients and Internet users and is not intended to be legal advice, nor should you consider it as such. Although we welcome your inquiries, please keep in mind that merely contacting us will not establish an attorney-client relationship between us. Consequently, you should not convey any confidential information to us until a formal attorney-client relationship has been established. Please remember that electronic correspondence on the internet is not secure and that you should not include sensitive or confidential information in messages. With that in mind, we look forward to hearing from you.