Can I skip monitoring and auditing compliance with CCPA in Connecticut? What are the requirements?

Based on the documents provided, it is not possible to skip monitoring and auditing compliance with the California Consumer Privacy Act (CCPA) in Connecticut. The Connecticut Data Privacy Act (CTDPA) was signed into law on May 10, 2022, making Connecticut one of the first states to pass a comprehensive consumer privacy law ^[1]. However, the CTDPA is a separate law from the CCPA, which is a California state law that regulates the collection and use of personal information of California residents by businesses ^[2].

If your business collects personal information of California residents, you must comply with the CCPA’s requirements, which include providing certain notices to consumers, allowing consumers to opt-out of the sale of their personal information, and implementing reasonable security measures to protect personal information ^[2].

Therefore, if your business is subject to the CCPA, you must comply with its requirements, regardless of whether you are located in Connecticut or any other state. It is important to note that the CCPA has significant penalties for non-compliance, including fines of up to $7,500 per violation ^[2].

In summary, you cannot skip monitoring and auditing compliance with the CCPA in Connecticut if your business collects personal information of California residents. You must comply with the CCPA’s requirements, which include providing certain notices to consumers, allowing consumers to opt-out of the sale of their personal information, and implementing reasonable security measures to protect personal information.

Source(s):

• [1] The Connecticut Data Privacy Act
• [2] Privacy Enforcement Actions | State of California - Department of …

Jurisdiction

Connecticut

• Privacy