CCPA in Salesforce
What is CCPA?
The California Consumer Privacy Act (CCPA) regulates data privacy obligations for organizations which do business in the State of California and came into effect on January 1st, 2020.
Who does it apply to?
Any enterprise, regardless of location, which collects or processes personal data of California residents are subject to CCPA regulations if they meet one of the following criteria:
Revenue above $25 million
Make 50% or more of revenue from the selling of consumers personal information
Receives, buys or sells 50’000 or more consumers or household's personal information
Does it have a Salesforce impact?
Salesforce serves as a system of engagement and customer interaction for businesses. This makes it a significant data store of Personally Identifiable Information (PII) such as
Lead, Contact, User
Person Account, Household
Case, Opportunity, Quote, Order etc.
In addition, custom and managed package objects also store PII and often require CCPA compliance.
Data privacy challenges for Salesforce customers are common across industries and company size, and require capabilities to standardize, streamline and automate.
What do I need to consider for my Salesforce Org?
There are three main business considerations for CCPA: