The California Consumer Privacy Act (CCPA) was amended, effective January 1, 2023, by the California Privacy Rights Act (CPRA). This change gives California consumers additional enhanced controls over their personal data. If a company meets a single CPRA criterion, it must comply with this framework.
The criteria are:
Enforcement of CCPA/CPRA is not bound by geography; instead, the law protects the personal data of California residents regardless of physical location.
The SureShield platform simplifies CPRA, formerly, CCPA compliance by automating technical
controls and guiding you through operational controls. SureShield’s automation will reduce your
overall compliance cost by up to 70% when compared to traditional, labor-intensive compliance
methods. For organizations requiring compliance to multiple frameworks, crosswalk automation
drives cost savings up toward 90%.
Making data practices public and giving consumers the opportunity to make privacy requests earn trust and goodwill.
Smaller businesses can use CCPA/CPRA compliance to signal they’re competitive with anyone.
Successful CCPA/CPRA compliance today will greatly reduce future effort required when other states pass their compliance laws.
CCPA/CPRA is strongly influenced by the EU’s primary data privacy regulation, GDPR. The rights of individuals to control their data are highly protected under both frameworks. Once significant difference: Under CCPA/CPRA, data may be collected until the consumer opts out whereas, under GDPR, no data may be collected until the consumer opts in.
Without repercussion, consumers have the right to delete the information acquired by businesses and refuse the sale of their data. Organizations that collect PII are required to implement and maintain reasonable data security practices and procedures. Sanctions and other remedies can be imposed for violations, regardless of whether there was intent.
Organizations required to comply with CCPA/CPRA must have websites that include:
Activate CCPA/CPRA framework
Install scanner for compliance evidence gathering
Review baseline evidence to score compliance control status
Close compliance gaps
Ongoing compliance and gap surveillance
Enforced maintenance of compliance readiness
Do you need help assessing your compliance readiness? Learn how our automated crosswalk technology will dramatically reduce your labor requirements. Schedule your free consulting session, up to 1 hour.