CCPA: A Model to Follow or Avoid? Questions to Consider

Consumer data security and privacy protections have been a long-standing and top concern for insurance companies. Recently, there has been a flurry of activity in the privacy space, with the most widely discussed efforts happening in California.

This paper provides a brief consideration of the California Consumer Privacy Act from an insurance industry perspective. It is not intended to address the nuts and bolts of specific requirements needed for compliance or implementation, but instead to raise several important questions and issues to provide a context for discussions of whether it is timely for other states to consider CCPA as a model for their privacy framework.