What is Deidentified Information in the California Consumer Privacy Act (“CCPA”)?

What is Deidentified Information in the California Consumer Privacy Act (“CCPA”)?

Deidentified means information that cannot reasonably identify, relate to, describe, be capable of being associated with, or be linked, directly or indirectly, to a particular consumer, provided that a business that uses deidentified information:

(1) Has implemented technical safeguards that prohibit reidentification of the consumer to whom the information may pertain.

(2) Has implemented business processes that specifically prohibit reidentification of the information.

(3) Has implemented business processes to prevent inadvertent release of deidentified information.

(4) Makes no attempt to reidentify the information.

 

Stay Ahead of the Curve! Explore our comprehensive CLIClaw CCPA & CPRA Compliance Library for in-depth resources and insights.

 

These materials were obtained directly from the State Government public websites and are posted here for your review and reference only.  No Claim to Original State Government Works.  This may not be the most recent version.  The State may have more current information.  We make no guarantees or warranties about the accuracy or completeness of this information, or the information linked to.  Please check the linked sources directly.