- Mark Bailey, CIO/CTO, Thiele
- Leon Ravenna, CISO, KAR Auction Services
- Eight anonymous contributors
- Constant changes and amendments to the California Consumer Privacy Act (CCPA) make it unclear what needs to implemented.
- Organizations are unclear on how to operationalize the anticipated increase in data requests from customers or consumers.
- Subject Access Requests are the most critical element of CCPA.
- Build structured data flows. There are many ways to make data flow diagrams. The Info-Tech approach is to use structured swim lanes vs. the historically unorganized visuals.
- The effort to identify a subject’s applied regulation is not worth the effort: accept all Subject Access Requests regardless of jurisdiction.
Impact and Result
This blueprint will help you understand CCPA requirements for responding to data subjects or California residents:
- Formalize your business-wide operationalization of CCPA.
- Understand the risk of CCPA non-compliance.
- Expand subject request processes to all of your data subjects .
This guided implementation is a five call advisory process.