BSI launches its Privacy Assessment Services focusing on the California Consumer Privacy Act (CCPA)

 24 September 2019

New service will provide organizations with a gap analysis and solutions to meet the requirements of the strictest data privacy law in US history

BSI, the business improvement company, announced today the launch of its California Consumer Privacy Act (CCPA) and Data Privacy Services. With a little more than three months before CCPA becomes effective in January 2020, it is important to become aware of the new requirements it brings to organizations doing business in California or with California-based consumers. The new law is a response to consumers’ demands for greater accountability, transparency, and control of their personal data.

Come January 2020, CCPA will be the strictest data privacy law in US history. Companies that do not meet the new requirements are subject to civil action for injunction or penalties of up to $7,500 per intentional violation or $2,500 per unintentional violation. California consumers can also file lawsuits against a company when there are alleged failures to implement and maintain reasonable security practices, even if no harm was done.

CCPA is similar to the European Union’s General Data Protection Regulation (GDPR), a privacy law which came into effect in late-May 2018 that had a global impact. To get ready for CCPA, BSI recommends that organizations assess their privacy and security programs and compare them to the CCPA requirements.

Ryan Hogan, Director of Strategic Advisory Services for BSI, said, “Organizations who are, or will be subject to CCPA have approximately three months to prepare for these new requirements. Our team has been advising clients on how to best meet or exceed CCPA’s new requirements and build out a sustainable and appropriate privacy program. An expanding number of organizations are getting in front of these new requirements as a good business practice, as well as to mitigate the risk of leaking private personal information by human error or cyber-attack. 

Brian Bertacini, Senior Vice President and Managing Principal for BSI, added; “It’s important that organizations understand this is not just a California law. This law will impact every organization or company around the world who has consumers who live or work in the State of California, similar to the way GDPR has impacted companies and organizations around the world.”

BSI is also announcing their online CCPA and Data Privacy training program, designed to help the employees of impacted organizations understand and meet the new requirements.

To help organizations better understand the impacts of CCPA, BSI will be holding an informative webinar Thursday, November 21, 2019 from 2:00 – 3:00 PM ET. Registration is available here.

- ENDS -


About BSI

BSI is the business improvement company that enables organizations to turn standards of best practice into habits of excellence. For over a century BSI has championed what good looks like and driven best practice in organizations around the world. Working with 84,000 clients across 193 countries, it is a truly international business with skills and experience across a number of sectors including aerospace, automotive, built environment, food, and healthcare. Through its expertise in Standards Development and Knowledge Solutions, Assurance, Regulatory Services and Professional Services, BSI improves business performance to help clients grow sustainably, manage risk and ultimately be more resilient.

To learn more, please visit:


About BSI’s Cybersecurity and Information Resilience Business

BSI recently strengthened its cybersecurity and information resilience (CSIR) services in the United States – one of the key markets that is leading the development and implementation of information and cybersecurity best practice – through the recent acquisition of AppSec Consulting. BSI’s cybersecurity and information resilience business helps organizations manage and secure their corporate information by providing expertise to clients on the identification, protection, compliance and management of their information assets through a combination of consultancy, technology, research and training. With a mission to help clients achieve Information Resilience, an environment where infrastructure is protected and secure, regulatory and compliance obligations are met, people are safe and reputation and trust is maintained – BSI’s experience and expertise of its highly qualified consultants traverses the entire Information Governance landscape. BSI’s credentials are enhanced by adherence to internationally recognized accreditations and certifications (OSCP, CISSP, Payment Card Industry Data Security Standard Qualified Security Assessor), and is the originator of the ISO/IEC 27000 series of Information Security Standards and the global leader in providing training and certification to ISO/IEC 27001, the established best practice in Information Security Management Systems (ISMS).


Media inquiries:

Chad Quinn


Tel: +1 571 758 8638