CCPA vs. CPRA: next steps

On January 1, 2020, the California Consumer Privacy Act (CCPA) took effect, giving covered businesses six months to become compliant. Fast forward two years and the California Privacy Rights Act’s (CPRA) effective date is now on the horizon. The CPRA’s requirements will apply to personal information that has been collected since January 1, 2022, meaning that organizations that fall under the CCPA and CPRA’s scope will need to take some key next steps to bring their CCPA compliance programs in line with the CPRA’s new requirements. 

The CPRA amends and expands several requirements outlined by the CCPA and introduces new rights for consumers and employees as well as establishing an independent enforcement agency, the California Privacy Protection Agency (CPPA). The CPRA includes an expanded scope to include employee data, a new category for sensitive personal information (SPI), and regular risk assessment requirements. 

Download this eBook to learn more about the next steps you need to take to go from CCPA to CPRA compliance.

Learn more about:

  • Expanded Data in Scope
  • New Consumer & Employee Rights
  • Data Policies for Retention & Sensitive Personal Information
  • Risk Assessments & Cybersecurity Audits
  • How OneTrust Helps to Automate CPRA Compliance

Follow OneTrust on LinkedInTwitter, or YouTube for the latest on the next steps from CCPA to CPRA.

On-demand webinar coming soon...

You may also like


Privacy Management

Managing data transfers within the UK & EU

Join our experts as we discuss ways to effectively manage data transfers between the UK & EU while staying compliant with the latest privacy regulations.

October 31, 2023

Learn more


Third-Party Risk

5 Ways to save time when assessing third parties for privacy and security risks webinar

Join our webinar and learn how to save time and streamline third-party risk assessment throughout the TPRM lifecycle.

October 25, 2023

Learn more


Privacy Management

Embedding privacy by design to enforce responsible use of data

In this webinar, we explore the latest in Privacy by Design standards and how to effectively manage the balance between Privacy and Data Governance.

October 18, 2023

Learn more