California Privacy Rights Act (CPRA)

The California Privacy Rights Act (CPRA)/ California Customer Privacy Act(CCPA) addresses data privacy management by prohibiting certain uses of personal information and requiring companies to maintain records about how that information is collected, used, disclosed, and protected. The General Data Protection Regulation (GDPR) set the stage for a new era of data protection and privacy compliance. It was followed by the California Consumer Privacy Act (CCPA), which paved the way to pass similar laws.

The CPRA encourages companies to release information only when necessary and allows customers to decide whether or not they want their personal data shared with third parties. The CCPA prohibits companies from selling any personal information it has gathered on a customer, unless there is consent from the customer.

Our process involved in achieving CPRA compliance

Support & Establish Accountability

Conduct Detailed Gap Analysis

Information Inventory & Data Flows

Develop operational policies & procedures

Implement processes & technical measures

Monitor & audit compliance

Perform Security / Privacy Gap Assessment

Implement Security & Privacy Controls

Manage & Monitor Control Effectiveness & Efficiency

The steps above are based on an assumption that the organization has a baseline of Information and Cyber Security Practice in place. To name a few of the baseline cyber security hygiene that the industry expects are:

Request a call back?

NEED ASSISTANCE IN CPRA COMPLIANCE SERVICES

error: Content is protected!!