You've determined that your business is subject to the California Consumer Privacy Act ("CCPA") and are engaged in your CCPA assessment and compliance efforts. January 1 is close. It's time to measure your CCPA implementation progress.
This post is the second of three articles to help you assess your compliance progress and meet your CCPA obligations.
What is the status of your disclosure and opt-out preparedness?
BEFORE you collect personal data or AT the point of collection, you must disclose to the consumer:
The CCPA requires you to exercise control and oversight over third party use of personal data.
Your data inventory and mapping and selling assessment efforts should highlight your third-party management needs for CCPA purposes. Have you:
The CCPA gives consumers the right to sue you if a data breach results from unreasonable security practices. Have you revisited your IS processes and technology and your data incident response and resiliency plan to make sure that they are up-to-date, reasonable, and address CCPA requirements, such as third-party access and verification of consumer requests?
As you prepare for CCPA compliance, look for an assessment solution that automates end-to-end security and data protection assessments and provides a way to manage and oversee third-party relationships.
By Paige Boshell, Privacy Counsel LLC (Please note that this article is not intended as legal advice and is a high-level overview of some of the more significant CCPA requirements. Please contact legal counsel for a thorough description of CCPA obligations and how they apply to you.) © CENTRL, Inc. 2019