CCPA

The California Consumer Privacy Act, a bill meant to enhance privacy rights and consumer protection for residents of California, United States, was passed on 28 June 2018, on the heels of the European Union’s General Data Protection Regulation (GDPR) enactment in May 2018. CCPA took effect on January 1, 2020, and imposes significant penalties on those that misuse and resell consumers’ private information.

CALIFORNIA CONSUMER PRIVACY ACT (CCPA)

The CCPA is the first of many State data protection laws, with Federal laws following. Organizations should not treat these regulations as a one-off compliance project, rather as a mandatory regulatory opportunity to create an organizational framework to pro-actively address data management, not only data privacy.

Data management, including data lineage, play a vital role in CCPA by cataloging and modeling where data exists within an organization as well as where it flows. Allowing for full transparency on what data is collected, where it is stored, who has access to it and how it is used. Solidatus helps to build an organizational digital dashboard providing understanding to management of the importance of personal data and transparency to the regulator, should a proof of compliance be required.

Solidatus for CCPA

By using Solidatus, an organization gains the ability to receive valuable insight into its data landscape. The tool enables an organization to discover, document, visualize and analyze its data, including personal data to understand what data they hold, what type of data they have and how it moves through their systems.

The Solidatus Data Privacy Module provides a digitized version of the CCPA that enables an organization to directly link regulatory clauses against their processes, the people that interact with them and the data that is generated and utilized by them. The Solidatus Data Privacy Module also allows organizations to track changes in the regulation over time to automatically assess impact of regulatory change.  It also allows businesses to create a common taxonomy of several Data Privacy Regulations such as GDPR, CCPA, LGPD, etc to allow for simplification of implementation and reuse of regulatory work product. Organizations can additionally compare privacy regulations across several dimensions including, scope, jurisdiction.

Company-wide collaboration

Through its automated and collaborative crowdsourcing model, Solidatus allows for quick and effective enterprise-wide identification of where personal information is held. A clear view of exactly where data is and an understanding of how it’s being used in business and IT processes are accessible and shareable with all teams across the organization.

Visualize and map data

Data flow can be clearly mapped out to visualize each contact point and ownership can then be assigned. Once an organization has this knowledge, they can quickly and confidently fulfill customers ‘Right to know’, ‘Right to deletion’, ‘Right to access’ and ‘Right to opt-out’ requests.

Proactive approach to compliance

Solidatus enables companies to significantly reduce compliance costs by taking a proactive approach to not only CCPA but all personal data regulations.  By clearly documenting and auditing their data landscape, privacy impact assessments become instant.

Demonstrate PIA risk

Solidatus can demonstrate to the regulator how and when Privacy Impact Assessments (PIA) were conducted and prove how information is collected, stored, used and deleted and who has access to it. It also clearly shows that data privacy is a key consideration for future change.

Solidatus CCPA Model

Solidatus is used by some of the world’s largest financial institutions

Explicit customer rights established by CCPA

Single incident involving 10,000 consumers, maxium penalty

Becomes law 1st January 2020

Accelerate your CCPA Compliance

Award-winning Solidatus is empowering enterprises globally to accelerate their understanding and optimization of their data and organizational processes. The Solidatus methodology for digitally transforming organizations to be data-centric and lineage-enabled is changing how businesses discover, document, map and manage their data.

Solidatus is a member of the EDM Council.

© 2021. Threadneedle Software Holdings Limited trading as Solidatus | Privacy Policy