Call us: +1-855-202-3299
Email: [email protected]
CPRA, HIPAA & GDPR: Data Privacy Laws Affecting Businesses in 2023 - How to Comply?
Speaker: Carolyn Troiano
Speaker Designation: FDA Compliance Consultant
Call us: +1-855-202-3299
Email: [email protected]
Speaker: Carolyn Troiano
Speaker Designation: FDA Compliance Consultant
The California Privacy Rights Act (CPRA) passed by voters in 2020 came into effect on January 1, 2023. It is considered to be an amendment to the California Consumer Privacy Act (CCPA). In this webinar, we will discuss the key changes to California’s landmark CCPA that are included in the CPRA and what businesses have to do to comply with the law.
We will discuss the differences between the CPPA and the CPRA, which adds some consumer rights in California. All of the consumer rights extended by both the CCPA and the CPRA will be delineated and explained. The CPRA also defines what is meant by a business, service provider, contractor, and third party. Further, it defines what is meant by the sale of personal information, the sharing of personal information, and sensitive personal information.
We will also discuss the thresholds required for the CPRA to be applicable to a company, and if it does apply, how a company can prepare by making any necessary policy or procedural changes in order to comply.
During this webinar, we will also cover the Health Information Portability and Accountability Act (HIPAA) in the US and the General Data Protection Regulation (GDPR) that is in effect to protect citizens’ personal data when they reside in the European Union (EU). We will compare and contrast these with the CPRA, providing specific requirements and how industries subject to these regulations can meet compliance.
Any company that does business in the state of California must understand the rules that would force them to comply with both the CCPA and the CPRA amendment to it. Knowing whether these apply to your company is critical in order to fully prepare and be in compliance by July 2023, as any company doing business in California and meeting the thresholds described must comply by that date. This may mean a change to existing policies and procedures, and creating any necessary mechanisms for handling the personal information of California residents in compliance with the rule.
Companies doing business in the US must also adhere to the HIPAA regulation, and those companies that hold personally identifiable data of individuals residing in the EU must meet the GDPRs.
We will discuss the specifics of these three regulations, indicating how they are similar and dissimilar, and the requirements that must be met.
It is important to know whether CPPA, CPRA, HIPAA, and/or GDPRs apply to your company, what obligations you may have imposed on your company as a result, and what you must do to comply with these.
This webinar is geared toward the pharmaceutical, medical device, biotechnology, tobacco, and related FDA-regulated industries, but we will also discuss these in the context of other non-FDA-regulated industries that are also subject to these regulations. The FDA-regulated industries are also subject to requirements for data integrity, as defined by the Agency, and we will cover this aspect.
This webinar will provide valuable insights to:
Carolyn Troiano has more than 40 years of experience in computer systems and data in the pharmaceutical, medical device, tobacco, cannabis, and other FDA-regulated industries, as well as in banking, insurance, and government agencies. She is currently an independent consultant, advising companies on data integrity, privacy, and compliance, including implementing large-scale, complex systems, such as Enterprise Resource Planning (ERP), Customer Relationship Management (CRM), Clinical Trial Master File (TMF and eTMF), Manufacturing, Quality, and Enterprise Content Management (ECM) systems.