The California Consumer Privacy Act (CCPA) was passed to give California residents information about, and control over, their personal information. The law is based on the right of consumers to request access to, and deletion of, the information that a specific company has stored in its database.
To stay within the boundaries of the law, you need to follow a checklist that includes the following points.
Know your data
The very first requirement for CCPA compliance is having complete information about your data. An organization needs to understand what data is collected, where it is stored, and who has access to it. By conducting an insightful data mapping exercise, you can create and maintain data inventories and have a clear view of your data flows. With complete knowledge of your information, you can monitor how well you meet the CCPA requirements.
Be transparent with your audience
The next requirement for CCPA highlights transparency between the organization and its target audience. An organization must place a conspicuous link on its website addressing its collection of personal information, as well as a conspicuous ‘not for sale’ link. By doing this you allow visitors to see all your considered opinions and give them an option to opt out of sharing with any third party.
Easy and user-friendly information requests
For CCPA compliance, the business should offer at least two methods for submitting requests. These methods include creating a safe web form with a designated email address or having a designated toll-free phone line for processing consumer requests.
Respond to requests on time
Another essential requirement under California data privacy law is handling information requests easily and quickly. The California law mandates that companies respond to all customer requests about accessing their information, deleting it, and opting it out of sale. It wants companies to comply with such requests as soon as they receive them.
Verify and govern internally
When we compare CCPA vs CPRA, there is a major difference: internal verification and governance. With CCPA, you are supposed to create a verification process to address all customer requests to know about or delete data. These requests might include questions related to data in your system. As a responsible business owner, it is important to identify the requests on your own. But if the consumer fails to satisfactorily identify themselves or verify their right to access the information, then the company has the right to deny their request. In such cases, you will also need to keep denial files with a detailed description of the denial.
CCPA sensitive personal information should always be made accessible to consumers. If you are a resident or business owner in California, make sure you bookmark this checklist today.