- Mark Bailey, CIO/CTO, Thiele
- Leon Ravenna, CISO, KAR Auction Services
- Eight anonymous contributors
- Constant changes and amendments to the California Consumer Privacy Act (CCPA) make it unclear what needs to implemented.
- Organizations are unclear on how to operationalize the anticipated increase in data requests from customers or consumers.
- Subject Access Requests are the most critical element of CCPA.
- Build structured data flows. There are many ways to make data flow diagrams. The Info-Tech approach is to use structured swim lanes vs. the historically unorganized visuals.
- The effort to identify a subject’s applied regulation is not worth the effort: accept all Subject Access Requests regardless of jurisdiction.
Impact and Result
This blueprint will help you understand CCPA requirements for responding to data subjects or California residents:
- Formalize your business-wide operationalization of CCPA.
- Understand the risk of CCPA non-compliance.
- Expand subject request processes to all of your data subjects .
This guided implementation is a five call advisory process.
Call #1 - Understand the types of data requests.
Call #2 - Identify business processes that require data flow visuals.
Call #3 - Build a consumer request process and identify how consumers will submit requests.
Call #4 - Build out procedures for others to action a subject request.
Call #5 - Understand how you will create an iterative process.
After each Info-Tech experience, we ask our members to quantify the real time savings, monetary impact, and project improvements our research helped them achieve. See our top member experiences for this Blueprint, and what our clients have to say.