What is the VCDPA?
VCDPA stands for Virginia Consumer Data Protection Act that allows consumers to access their data and gives them a right to request to delete their personal information by businesses. It also requires businesses to secure consumers’ data through several data protection assessments that companies need for targeted sales or advertising purposes.
On March 2, 2021, the president of Virginia, Ralph Northam (D), signed the Virginia Consumer Data Protection Act (VCDPA) and made it a law. This law made Virginia a second state after California to officially approve specific consumer data protection legislation. It will take effect on January 1, 2023.
In Virginia, the business entities must satisfy one of the two thresholds to join the statute’s scope. Both of the thresholds address the least number of affected consumers.
- The yearly calendar must have personal data of a minimum of 100,000 consumers,
- A yearly calendar must have the personal information of a minimum of 25,000 consumers while deriving above 50% of gross revenue from the sale of consumer data.
What Are Some Security Requirements For Clarification In The VCDPA?
The VCDPA is only applicable to businesses also referred to as the controllers in the commonwealth or producing and selling products or services targeted to the residents of the state of Virginia.
- Right to Delete
The Virginia Consumer Data Protection Act enables consumers to delete their personal information provided or obtained by businesses. There are no specific exceptions to the right to delete the data.
- Access and Data Portability
The VCDPA permits the consumers to obtain a copy of their personal information, and also, they can request data correction. The Virginia Consumer Data Protection Act also addresses businesses providing the consumer’s data copy in a portable, technically feasible, and readily usable format. This way, the consumer can transmit their data to another business without any obstacle. The provision also includes a modifier where the process is carrying out through automated means. However, according to experts, there is confusion, and it is not clear what precisely the “automated means” modifies.
- Targeted Advertising
VCDPA also clears the definition of personal data. According to VCDPA, personal data is reasonable and linkable information of an identified natural person. This data does not contain the information linked to a device of consumers.
- Children’s Data
VCDPA allows online and offline data collection practices and specifies that the business should obey the Federal Children’s Online Privacy Act (COPPA) if a consumer is a child.
New Regulation In Virginia Consumer Data Protection Act 2021
- The VCDPA only applies to controllers with 100,000 consumers’ data or personal data of 25000 consumers while deriving over 50% of gross revenue from the sales of this personal information.
- Controllers have to confirm before processing the personal data of consumers.
- Consumers have a right to access their data.
- Consumers can request the correction of inaccuracies with their data.
- VCDPA also gives consumers the right to request to delete personal information provided or obtained by controllers in certain circumstances. An organization must have to delete the consumer’s data upon request.
- Consumers can request a copy of their personal information. The document should be provided in a portable and usable format by the controller so that consumers can transmit the data to another controller easily.
- Consumers have a right to opt-out of processing their personal information in any sales or advertising that may produce legal effects concerning the consumer.
Why Is Backup Important?
Developing a data backup strategy is essential for organizations to ensure business continuity when incidents occur. In addition, controllers subject to Virginia Consumer Data Protection Act (VCDPA) should revisit their data protection backup strategies to avoid inappropriate personal data storage or restoration.
Have you given any thought to your backup strategy, so your business continues in any unfavorable circumstances? Of course, data must have a backup, but an organization’s strategy for data backup must comply with Virginia Consumer Data Privacy Act (VCDPA).
A data backup strategy is vital for any catastrophe preparedness that takes you towards recovery when an unfortunate event occurs. A backup system allows you to rebuild and run your business in case of any disaster such as a destructive hack, hurricane, infection by ransomware, or any other calamity.
So, it is more beneficial to work on your backup strategy to take you away from any data loss when specific damage happens to your website. The backup plan will help you recover your data and keep you in your business without any loss. If you have decided to go for a backup strategy, you can check more relevant information on our website.
How Can Syllab Help?
It is essential to take appropriate care of backed-up data that contains personal information. SylLab helps companies in their backup data strategy, lets them know where their backed-up data is, how to access it, which data is stored, delete and corrects the personal data as needed.
You can get SylLab free or paid versions; a free version is also fully functional and performs complete, scheduled, or manual of all your databases, WordPress files, plugins, and themes. In addition, you can restore them directly from your WordPress website control panel.
SylLab can help you in offsite data storage so that your data do not sweep away from your main office in case of any unfortunate event. SylLab team provides a comprehensive data protection strategy for transport, management, storage, and retrieval of backed-up data media at a secure offsite facility. So make your life easy, and let us help you with our safe and compliant data centers to access carriers, IT, and cloud services that many businesses require.