ASG Logo

ASG Perspectives

Blog > September 2018 > Partner Post: Preparing for CCPA—Three Reasons to Start Now

Partner Post: Preparing for CCPA—Three Reasons to Start Now

Even though the California Consumer Privacy Act (CCPA) has a projected enforcement date of January 2020, many companies are wasting no time implementing their readiness plans, and rightly so. As Primitive Logic discussed in our webinar GDPR Comes to America (CCPA): Be Prepared, presented along with ASG Technologies, companies that begin preparing for CCPA today will be ready for the deadline — and to reap the additional benefits that their efforts can deliver.

In our webinar, we asked attendees to let us know where they are today with CCPA readiness plans, and learned that more than half of them have gotten started. Here are the top three reasons that this proactive approach is essential to achieve compliance.

real-1.PNG

Reason 1: It’s Not About Surface-Level Changes

Complying with CCPA is about more than changing some wording in your user agreement or adding some links to your website. Before you can even begin discussing policies, procedures or contracts, you must know exactly what personal data you have, where it came from, where it is going and what you’re doing with it. As you might imagine, filling in these blanks requires a considerable amount of time and effort.
In the webinar, we shared the story of a Primitive Logic client who recently received its first request from a customer to delete his personal data under GDPR. We had worked with this client on its readiness strategy and put in place the elements required to comply with such a request, including:
  • Policies and procedures detailing how data subjects can request erasure and how the company will respond
  • System diagrams and data flow maps for locating a customer’s data
  • Step-by-step instructions for fulfilling data erasure requests, including descriptions of roles and responsibilities detailing who will do what
  • Procedures for confirming erasure with the customer and for retaining records of data erasure requests
Building and implementing these elements required time and effort, but the investment paid off in our client’s ability to respond to this customer’s request completely and promptly. In another webinar poll, attendees indicated they are aware of the complexity that CCPA readiness entails, as one-third cited “multiple areas” as their primary area of concern

poll-2-1.PNG

Reason 2: There Is a 12-Month Lookback
Under CCPA, if a data subject requests a record of the sale or disclosure of their personal data, you must provide information covering the preceding 12 months. So, if a customer contacts you in January 2020 with such a request, you will be required to provide categories of her data that you sold or disclosed going back to January 2019.

slide-2.PNG

If your company is not currently tracking the categories of personal data you sell or disclose and making that information readily available, now is the time to put those capabilities in place.

Reason 3: It Delivers Benefits Beyond Compliance

When many companies think about preparing for CCPA, they see the effort as an expense, a necessary inconvenience to help them avoid penalties and lawsuits. But as we explored in the webinar, the data management efforts behind CCPA preparation can lead to numerous benefits, allowing you to:
  • Improve business efficiency due to faster, easier access to data
  • Understand your customers better
  • Build trust with your customers and business partners
  • Reduce data storage costs (once you discover and delete obsolete or unnecessary customer data)
slide-3.PNG

To learn more about how to prepare for CCPA — and why now is the time to start — watch the full webinar or read this ASG blog post.

 


Comments
Blog post currently doesn't have any comments.
Subscribe