September 2019

How A Risk Assessment Can Help You Stay In Line With the CCPA

What You Want To Know

You want to provide your customers with the best service you can. You’ve depended on your consumers’ personally identifiable information (PPI) to provide them with exceptional service. Now with California Consumer Privacy Act (CCPA)  around the corner, you’ve got to be prepared by January 2020; a risk assessment will help you get there. 

In short, CCPA is the new regulation regarding consumer’s control of their personal information and its moving data security to the forefront. CCPA has businesses scrambling to figure out what consumers can request, what the penalties are, and what they can do to ease the process. No need to worry, we’ve simplified the data points for you. 

How The Act Gives Consumers Control

This new regulation is amplifying your consumer’s privacy rights. CCPA allows them to know what personal information is collected, deny the sharing or selling of their personal information, and pursue legal action against firms who do not comply. It’s best to consider these three points to ensure you understand what consumers can request.

  1. Providing consumers with the right to request a business to provide information on the categories of personal data it collects.
  2. Enabling consumers to opt-out from businesses selling their data to third parties. Every company must provide notice before using consumer data for other reasons.
  3. Imposing penalties and fines for businesses that fail to implement adequate safeguards for securing PII data against breaches and unauthorized disclosures.
Consumers now have control over their data. Shouldn’t you?

Are You Affected By CCPA?

If you’re worried about whether or not CCPA affects you, keep reading. This new regulation will affect most companies; if you: 

  1. Has annual gross revenues in excess of $25 million;
  2. Possesses the personal information of 50,000 or more consumers, households, or devices; or
  3. Earns more than half of its annual revenue from selling consumers’ personal information.

If your business matches only one of these qualifications, the CCPA will affect you. If it sounds like your business, you must begin making the necessary changes. Since the California Consumer Privacy Act is meant to enhance the privacy rights and protect data belonging to California residents; it has businesses changing their business strategy centered around data security.

What Compliance Entails For You 

We want to make sure your company complies with the new regulation; that means making sure your company has shifted gears in the right direction. So, here’s what you should do. Begin by developing and maintaining transparent data policies. This way, your business can quickly provide explicit responses to your consumers’ requests regarding their data. Increase your efficiency with CCPA by ensuring all data handlers possess sufficient knowledge of the act’s provisions. If your data handlers aren’t well informed of CCPA’s provisions, make sure they get informed or get new data handlers. You don’t need a massive security breach on your hands due to inadequacies. Also, start implementing adequate measures for securing information systems and PII data. You’ll want to make sure that data is protected; otherwise, you’d fall under non-compliance, and you don’t need that. Lastly, maintain an organized system for collecting consumer data. We recommend this approach because it will allow you to provide quick and accurate reports to your consumers, which translates to fewer headaches and less time spent.

CCPA compliance is an important step in ensuring your company’s success.

Your Next Step

The last thing your business needs is an absurd amount of fines due to non-compliance or insufficient security practices. Your business can be liable to suffer up to $7,500 per violation if legal action is pursued by the government and between $1,000 – $3,000 if pursued by a consumer. A non-compliance with CCPA can damage your brand and get your consumers to lose trust in your business. You need a clear path ensuring your business’ success.  Framework Security uses a collaborative cloud-based platform to manage our client’s compliance with the 51 controls in the CCPA. Get in touch for an assessment today.

Read More