Comply with the California Consumer Privacy Act

Operationalize compliance with CCPA across your organization.
 Join Now

If you're already a member, click here to log in.

Major Business Pain Points

  • Constant changes and amendments to the California Consumer Privacy Act (CCPA) make it unclear what needs to be implemented.
  • Organizations are unclear on how to operationalize the anticipated increase in data requests from customers or consumers.
Comply with the California Consumer Privacy Act-Pain Points

Recommendations

Key Points

  • Subject Access Requests are the most critical element of CCPA.
  • Build structured data flows. There are many ways to make data flow diagrams. The recommended approach is to use structured swim lanes vs. the historically unorganized visuals.
  • The effort to identify a subject’s applied regulation is not worth the effort: accept all Subject Access Requests regardless of jurisdiction.

Approach

Comply with the California Consumer Privacy Act-Recommendations

This blueprint will help you understand CCPA requirements for responding to data subjects or California residents:

  • Formalize your business-wide operationalization of CCPA.
  • Understand the risk of CCPA non-compliance.
  • Expand subject request processes to all of your data subjects.
 Subscribe to Premium

Methodology and Tools

Executive Brief

Read the concise Executive Brief to find out why you should comply with CCPA and review the methodology.

  • Comply With the California Consumer Privacy Act – Executive Brief
  • Comply With the California Consumer Privacy Act Storyboard

1. Create a Subject Access Request (SAR) process

Understand where your data flows in order to respond to consumer requests for their data.

  • Comply With the California Consumer Privacy Act – Phase 1: Create a Subject Access Request (SAR) Process
  • Example Data Flow Diagram – e-Commerce (Visio)
  • Example Data Flow Diagram – e-Commerce (PDF)
  • Subject Access Request (SAR) Process Checklist
  • Draft Subject Access Request (SAR) Landing Page Template
  • Subject Access Request (SAR) Procedure
  • Subject Access Request (SAR) – Erasure (Visio)
  • Subject Access Request (SAR) – Erasure (PDF)
  • Subject Access Request (SAR) – Rectification (Visio)
  • Subject Access Request (SAR) – Rectification (PDF)
  • Subject Access Request (SAR) Registry Tool

All resources on this page are provided to Cyber Leadership Hub members under license from third parties including Info-Tech Research Group Inc, a global leader in providing IT research and advice.