The CCPA was enacted in 2018 with the aim of helping individuals gain more control over the use of their personal data. More specifically, empowering individuals with decision making power over how, and why, their data is collected, used, sold, protected, and disposed of. CCPA stands for the California Consumers Protection Act. While the CCPA was enacted in California, the law reaches far beyond the California boarder.
The CCPA applies to for-profit businesses that collect and control California resident’s personal information, do business in the state of California, or meet at least one of three thresholds:
Size
Annual gross revenues larger than 25 million
Volume
Receive personal information of 50k or more California residents annually
Revenue
50% or greater annual revenue selling Californian’s data
Possible Penalties for Non-Compliance
Ensuring your organization is CCPA compliant is an important step in strengthening your security posture, and avoiding hefty fines. Possible fines include:
Penalties of up to $7,500 per violation
Up to $2,500 per violation for failure to remediate
Statutory damages between $100 to $750 per CA employee
Getting Compliant
HPS experts will help you build a plan, develop processes, and walk through the steps needed to achieve alignment with CCAP, including:
- Privacy by Design
- Network Penetration Testing
- Personal Data Security Awareness Training
- Personal Data Mapping and Inventory
- Enterprise Privacy Risk Assessment
- CCPA Audit and Assessment Services
- Incident and Data Breach Response Planning
To ensure the highest levels of success, HPS has partnered with OneTrust to leverage its technology platform. The OneTrust platform helps operationalize privacy initiatives for organizations and ensure year after year compliance with all routine privacy requirements.
Contact us today to learn more about how we can help your organization take the necessary steps to come into CCPA compliance.