1 / 2

California Privacy Rights Act (CPRA) — CCPA vs CPRA — Tsaaro

The California Privacy Rights Act (CPRA) is a new law that extends the California Consumer Privacy Act (CCPA) and provides additional protections for Californians' personal data.

tsaaro
Download Presentation

California Privacy Rights Act (CPRA) — CCPA vs CPRA — Tsaaro

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. California Privacy Rights Act (CPRA) — CCPA vs CPRA — Tsaaro The California Privacy Rights Act (CPRA) is a new privacy law that was passed by California voters in November 2020. It is an amendment to the California Consumer Privacy Act (CCPA) and is set to go into effect on January 1, 2023. The CPRA expands and strengthens the privacy rights of California residents and imposes new obligations on businesses that collect and use personal information. The CPRA also creates a new agency, the California Privacy Protection Agency (CPPA), which will be responsible for enforcing privacy laws and regulations in California. The CPPA will have the authority to investigate violations of the CPRA, issue fines, and bring legal action against businesses that fail to comply with the law. Overall, the CPRA provides California residents with enhanced privacy rights and protections, while imposing new obligations and requirements on businesses that collect and use personal information. Businesses operating in California should start preparing for compliance with the new law to avoid penalties and fines. Understand the new requirements: Businesses should become familiar with the new requirements and obligations under the CPRA. This includes new data retention requirements, limitations on the use of sensitive personal information, new rules regarding data sharing and third-party disclosure practices, and the establishment of data inventory and mapping procedures.

  2. Conduct a privacy assessment: Businesses should conduct a comprehensive privacy assessment to identify the personal information that they collect, use, and share. This includes an inventory of personal information and an analysis of the business’s privacy practices, policies, and procedures. Implement implement reasonable security measures to protect personal information. This includes measures such as access controls, data encryption, and incident response plans. data protection measures: Businesses should Review and update privacy policies: Businesses should review and update their privacy policies to ensure compliance with the CPRA. This includes updating policies related to sensitive personal information, data retention, and data sharing practices. Establish procedures for responding to consumer requests: Businesses should establish procedures for responding to consumer requests related to their personal information. This includes procedures for deleting personal information, providing access to personal information, and opting-out of the sale or sharing of personal information. Train employees: Businesses should train employees on the new requirements and obligations under the CPRA. This includes training on data protection measures, data inventory and mapping procedures, and procedures for responding to consumer requests. Work with service providers and vendors: Businesses should work with their service providers and vendors to ensure compliance with the new requirements under the CPRA. click here to read more about California Privacy Rights Act

More Related