CALIFORNIA CONSUMER PRIVACY ACT (CCPA)
The CCPA is the first of many State data protection laws, with Federal laws following. Organisations should not treat these regulations as a one-off compliance project, rather as a mandatory regulatory opportunity to create an organisational framework to pro-actively address data management, not only data privacy.
Data management, including data lineage, play a vital role in CCPA by cataloguing and modelling where data exists within an organisation as well as where it flows. Allowing for full transparency on what data is collected, where it is stored, who has access to it and how it is used. Solidatus helps to build an organisational digital dashboard providing understanding to management of the importance of personal data and transparency to the regulator, should a proof of compliance be required.
Solidatus for CCPA
By using Solidatus, an organisation gains the ability to receive valuable insight into its data landscape. The tool enables an organisation to discover, document, visualise and analyse its data, including personal data to understand what data they hold, what type of data they have and how it moves through their systems.
The Solidatus Data Privacy Module provides a digitised version of the CCPA that enables an organisation to directly link regulatory clauses against their processes, the people that interact with them and the data that is generated and utilised by them. The Solidatus Data Privacy Module also allows organisations to track changes in the regulation over time to automatically assess impact of regulatory change. It also allows businesses to create a common taxonomy of several Data Privacy Regulations such as GDPR, CCPA, LGPD, etc to allow for simplification of implementation and reuse of regulatory work product. Organisations can additionally compare privacy regulations across several dimensions including, scope, jurisdiction.
Visualise and map data
Proactive approach to compliance
Solidatus enables companies to significantly reduce compliance costs by taking a proactive approach to not only CCPA but all personal data regulations. By clearly documenting and auditing their data landscape, privacy impact assessments become instant.