0 likes | 49 Views
A Step-By-Step Guide to California Consumer Privacy Act (CCPA) Compliance<br>https://www.bizprospex.com/product/guide-ccpa/
E N D
A Step-By-Step Guide to California Consumer Privacy Act (CCPA) Compliance
Table of Contents What are the CCPA regulations? 1. Why is the CCPA essential? 2. Who and what falls under the purview of the CCPA? 3. How is BizProspex compliant with the CCPA regulations? 4. 5. How the CCPA compares to GDPR?
The California Consumer Privacy Act of 2018 (CCPA) gives consumers more control over the personal information that businesses collect about them and the CCPA regulations provide guidance on how to implement the law. This landmark law secures new privacy rights for California consumers, including: • The right to know about the personal information a business collects about them and how it is used and shared; • The right to delete personal information collected from them (with some exceptions); • The right to opt-out of the sale of their personal information; and • The right to non-discrimination for exercising their CCPA rights. What are the CCPA regulations? The regulations went into effect on August 14, 2020. Additional amendments to the regulations went into effect on March 15, 2021. 1/11
For California residents who exercise these rights, the CCPA specifies a non-discrimination clause, meaning that everyone is accessible to the same services and price, regardless of whether they allow organizations to sell their data or not. Intended to enhance consumer protection and data privacy rights, The CCPA’s goal is to equip consumers with increased knowledge of what happens with their personal data. It aims to provide data transparency and accountability, allowing consumers to see their digital footprint and prevent the selling of their personal information. Why is the CCPA essential? 2/11
Who and what falls under the purview of the CCPA? Personal information (under the CCPA regulations) is information that identifies, relates to, or could reasonably be linked with you or your household and which is not in the public domain. For example, it could include your name, social security number, personal email address, records of products purchased, internet browsing history, geolocation data, fingerprints, and inferences from other personal information that could create a profile about your preferences and characteristics. The CCPA seeks to protect California residents from the risks of unauthorized disclosure of personal information including identity theft, destruction of property and reputational damage.In addition, organizations that must follow CCPA compliance are also required to maintain reasonable security practices in order to protect consumer data. Only California residents have rights under the CCPA. A California resident is a natural person (as opposed to a corporation or other business entity) who resides in California, even if the person is temporarily outside of the state. Under the CCPA, only publicly available data is not considered personal information. 3/11
Expected CCPA (California Consumer Privacy Act) compliance of companies in the United States according to security professionals in 2020 Source Statista 4/11
California Consumer Privacy Act (CCPA) compliance among companies in the United States as of 2nd quarter 2022, by company size Source Statista 5/11
How the CCPA compares to GDPR? Source Deloitte 6/11
4 reasons why only 11% of companies are fully compliant with the CCPA. CYTRIO, a leading data privacy software company in the US recently released numbers- 5,175 U.S. companies with revenues ranging from $25 million to more than $5 billion and released the findings in the State of CCPA Compliance: Q1 2022 report. 1. CCPA is a complex regulation to decipher and implement CCPA is a complex regulation that applies to any company 1) over $25 million in revenue that is conducting business in California, 2) generating more than 50% of revenue through the sale of personal information, or 3) collecting more than 50,000 pieces of information from California citizens. To keep track of the regulation requirements and associated changes is a complex task for companies. About 60% of companies with 10,000+ employees researched have deployed an automated data rights management solution to avoid these high costs. 2. Companies are in a holding pattern Due to the slow pace of enforcement, many companies slowed the process of implementing CCPA/CPRA compliance solutions. Some companies implemented a difficult to use manual process with email or web forms to enable consumers to exercise their rights under CCPA. However, 44% of companies that will need to comply did not deploy any solution at all – automated or manual. 7/11
3. Many companies are not seeing the large number data requests (YET!) Some companies are using manual processes to address DSAR compliance, and one reason is they aren’t yet seeing a lot of data requests. However, data requests will increase several fold as consumers become more aware of their data privacy rights from continued data breaches and fines associated with non-compliance. Under GDPR, it took almost two years before the first set of fines were announced, and there has been a massive increase in the number of fines over the last two years. In 2021, total fines imposed under the GDPR hit more than $1.2 billion. 4. 1st Gen data rights management solutions are complex to deploy First generation CCPA privacy rights management automation solutions are complex and cumbersome to deploy. In fact, according to G2, the average reported implementation time for data privacy management software is three months; the longest implementation is reported at just over five months. This has contributed to a low adoption rate. However, as next-generation solutions become available that are less complex and easier and faster to deploy, like CYTRIO’s privacy rights management, adoption will certainly increase. 8/11
How is BizProspex compliant with the CCPA regulations? BizProspex, being the leading services provider in the business, understands the requirements and responsibilities of delivering legitimate and accurate data. We stand out as global leaders when it comes to CRM cleaning, Data appending, Data mining, Tech install, Data Merging and Data Deduping for B2B clients. We aim at supplying our clients with public data scraping of the highest quality to boost your sales numbers. At BizProspex, we focus on becoming the partner your organization needs to survive, and in the long run, thrive. BizProspex, being the leading services provider in the business, understands the requirements and responsibilities of delivering legitimate and accurate data. We stand out as global leaders when it comes to CRM cleaning, Data appending, Data mining, Tech install, Data Merging and Data Deduping for B2B clients. We aim at supplying our clients with public data scraping of the highest quality to boost your sales numbers. At BizProspex, we focus on becoming the partner your organization needs to survive, and in the long run, thrive. 9/11
However, we take necessary steps to ensure that the CCPA requirements are seamlessly met with, Our privacy policies (that are mentioned on the website) clearly state how the data for processing is collected, how it is processed, who in our team can be contacted regarding data storage and processing. As a CCPA-compliant enterprise its our responsibility to ensure that- • By conducting an assessment of the data protection risks associated with any new project and initiating a plan to mitigate those risks. • By assessing and implementing the CCPA compliance to existing or pre-dated data protection plans. • By initiating and executing an immediate mitigation plan to address any gaps or risks posed in delivering our data services. • Informing people of a data breach. • Absolutely honoring requests that personal information not be sold. • Avoiding discrimination against individuals who exercise CCPA rights. We claim the highest standards of work ethics with utmost obedience to laws that we are subject to. All the pre-scraped public data that we collect and process is done so with the contractual consent of our customers under the purview of CCPA guidelines. At BizProspex our compliance and audit experts work tirelessly to make sure all the right compliance controls are in place when it comes to data. 10/11
Partner with us to benefit with the highest-quality and CCPA compliant data services. Contact us to know more. https://www.BizProspex.com/ murtaza@bizprospex.com 11/11