Going into the fourth quarter of 2022, businesses should be aware of changes in the law that could affect them in 2023. One quickly changing area of regulation is data privacy. You may assume that if your business is not physically located in a particular state, like California, it is not subject to that state's laws. However, beginning in January 2023, the scope of the California Consumer Privacy Act (CCPA) becomes broader and may become applicable to your business; noncompliance could result in both regulatory and monetary penalties.