How CENTRL Helps

CENTRL's Privacy360 product is a comprehensive Privacy platform that supports California Consumer Privacy Act compliance needs. It includes end to end workflows, controls and analytics in one application to track compliance and risk.

CENTRL Module Features What does it help address in CCPA
Data Inventory Module
  • Provides an automated way to map of all processing activities, data subject categories, data elements.
  • Includes a list of partners/third parties with whom the data is shared, the location and system where the data is stored and other regulation specific information.
  1. Output of the Data Inventory can be used to create disclosures on the privacy pages
  2. Data Inventory serves as the backbone for managing and fulfilling the consumer rights:
    • The Right To Know
    • The Right To Have A Business Delete Your Personal Information

    The data for the incoming requests can be automatically looked up based on the data inventory. Workflows, API's and integration to systems provide a way to comply with delete requests.

Consumer Request Module
  • Provides consumers to exercise their rights: Right to Request Information, Right to Deletion of data.
  • Automates the process of managing and fulfilling request per CCPA compliance
  1. The Right To Know
  2. The Right To Have A Business Delete Your Personal Information
Consent and Preference Management
  • Provides a single system of all consent records.
  • Consumers/end users consent changes are captured directly and then propagated to different systems using API's and integrations.
  • Organizations can look up consent records before selling or sharing data with partners to ensure compliance.
  • The Right To "Opt Out" or "Do Not Sell"
Assessments Module
  • Automate security and other assessments
  • Determine readiness per CCPA for each process
  • Measure effectiveness of controls and risk at different risk areas

While there is no explicit requirement to do privacy assessments per CCPA, this is going to be an important step in the process to determine the gaps and to ensure breaches do not happen. According to CCPA, businesses can be held liable in the event personal non encrypted data is breached. Businesses have to ensure that all necessary controls are implemented internally and at their partners to avoid breaches.

Issues and Risk Mitigation
  • Create and manage issues, gaps and findings per CCPA
  • Create action plans, manage due dates
  • Track issues to closure

Gaps or issues identified during an assessment have to be managed and mitigated in a timely manner.

Useful Links

Privacy360

California Privacy Act Compliance