...
Summary of differences between federal and state regulations
Amendments made to the California Privacy Rights Act (CPRA) (formerly the California Consumer Privacy Act (CCPA)) take effect January 1, 2023. CPRA-covered employers will have new obligations for employee and job applicant personal information, including notice and disclosure requirements, and new obligations for employees to view, access, correct and delete their personal information.
While the law does not apply to every business in California, it does apply to three categories of for-profit businesses:
- Businesses with a gross annual revenue of $25 million or more;
- Businesses that buy, receive or sell personal information of 50,000 California household residents or devices (this figure will soon change to 100,000 California household residents or devices); and
- Businesses that derive 50% or more of annual revenue from selling consumers’ personal information.
The new rights for California employees include, among others:
- the right to know: the employee’s right to notice regarding the type(s) of personal information that their employer collects, sells, shares, or discloses, as well as the right to request that the employer disclose personal information it has collected about the employee;
- the right to rectification: the employee’s right to correct or rectify the personal information that their employer maintains;
- the right to deletion: the employee’s right to request that the employer delete the personal information that the employer has collected about them;
- the right to data portability: the employee’s right to request that their employer provide them with, or transmit to another entity, a copy of their personal information in a reasonable format;
- the right to limit use and disclosure of sensitive personal information: the employee’s right to request that their employer limit the use and disclosure of “sensitive personal information” to certain defined activities.
The three main obligations employers have under this law are to:
- Post a detailed privacy policy about how the employer handles human resources data;
- Comply with new rights regarding human resources data. This includes the rights to delete, correct, and get a copy of specific pieces of personal information; and
- Include specific CPRA provisions in contracts with vendors that handle human resources data.
California employers are also required to make reasonable efforts to safeguard the privacy of the employee as to the fact that he or she has a problem with illiteracy. This requirement applies to private employers regularly employing 25 or more employees.
Employers must make reasonable efforts to safeguard the privacy of the employee as to the fact that he or she has enrolled in an alcohol or drug rehabilitation program.
Employers are prohibited from publicly posting or displaying an employee’s Social Security Number (SSN). Employers may not have employees’ SSN printed on any card or on materials that are mailed to the employee.
When furnishing an itemized statement of the employees’ wages, employers must use only the last four digits of the employees’ SSN, or an existing employee ID number other than an SSN.
State
Contacts
California Department of Industrial Relations
California Department of Insurance
Regulations
California Labor Code §1042
California Labor Code §1026
Insurance Information and Privacy Protection Act – California Insurance Code §791 et seq.
California Civil Code §1798.85
California Labor Code §226
Federal
Contacts
None.
Regulations
None.