Effective January 1, 2020, the California Consumer Privacy Act (CCPA) introduces new data privacy rights for California residents – forcing companies that conduct business in the state of California to implement structural changes to their privacy programs. According to research done by OneTrust and the IAPP, two of the biggest obstacles organizations face when it comes to CCPA compliance preparedness is a lack of time and bandwidth, followed by the complexity of the law and uncertainty as to what the final requirements will be.

As a result, many organizations are beginning to prepare now, by replacing spreadsheets and traditional risk management solutions with modern data automation technology and powerful research portals that are purpose-built to solve these challenges at scale. This approach allows organizations to simplify the CCPA compliance process. This blog will outline 5 key steps to start your CCPA compliance programs.

Getting Started with CCPA Compliance

The first step to take toward CCPA compliance is to understand the law. At a high level, the CCPA gives consumers – defined as natural persons residing in California – several rights with respect to the personal information businesses sell or collect about them. Personal information is defined very broadly as information that identifies, relates to, describes, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household.

The rights outlined in the CCPA will require companies to adapt their privacy programs to comply with the law. Some of these rights include:

  • Right to request information
  • Right to opt out of the sale of your personal information
  • Right to have your personal information deleted
  • Right to be informed that personal information is being disclosed or sold

To learn more about the CCPA, access the OneTrust CCPA Portal at free.dataguidance.com. This is a free resource updated daily by a global team of over 500 lawyers and privacy experts. You can read the full text of the law, access the CCPA Amendment Tracker, and get the latest news and guidance from the industry’s leading regulatory bodies and privacy professionals.

Once you have a clear idea of the areas within your privacy program that need to be created or adjusted, you can begin to prioritize your next steps accordingly. To learn more, download the whitepaper: Getting Started: 5 Steps to Start Your CCPA Compliance Privacy Program. This whitepaper provides practical steps you can take now to prepare for the CCPA and leverage the new law as a stepping stone to build a global privacy program.


Check out our CCPA blog series: