Security icon

Comply With the California Consumer Privacy Act

The start of a privacy revolution.

Unlock This Blueprint

View Storyboard

Solution Set Storyboard Thumbnail

Contributors

  • Mark Bailey, CIO/CTO, Thiele
  • Leon Ravenna, CISO, KAR Auction Services
  • Eight anonymous contributors

Your Challenge

  • Constant changes and amendments to the California Consumer Privacy Act (CCPA) make it unclear what needs to implemented.
  • Organizations are unclear on how to operationalize the anticipated increase in data requests from customers or consumers.

Our Advice

Critical Insight

  • Subject Access Requests are the most critical element of CCPA.
  • Build structured data flows. There are many ways to make data flow diagrams. The Info-Tech approach is to use structured swim lanes vs. the historically unorganized visuals.
  • The effort to identify a subject’s applied regulation is not worth the effort: accept all Subject Access Requests regardless of jurisdiction.

Impact and Result

This blueprint will help you understand CCPA requirements for responding to data subjects or California residents:

  • Formalize your business-wide operationalization of CCPA.
  • Understand the risk of CCPA non-compliance.
  • Expand subject request processes to all of your data subjects .

Research & Tools

Start here – read the Executive Brief

Read our concise Executive Brief to find out why you should comply with CCPA, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

Guided Implementations

This guided implementation is a five call advisory process.

Call #1 - Understand the types of data requests.
Call #2 - Identify business processes that require data flow visuals.
Call #3 - Build a consumer request process and identify how consumers will submit requests.
Call #4 - Build out procedures for others to action a subject request.
Call #5 - Understand how you will create an iterative process.