Category: California Consumer Privacy Act (CCPA)

Explore expert resources on the CCPA: from breach notification and data security to audit readiness and privacy-by-design. Stay informed and ensure California privacy compliance.

  • Why You Need a Data Privacy Risk Assessment

    A data privacy risk assessment evaluates how personal information is collected, processed, stored, and shared within an organization to ensure compliance with data protection regulations. Many regulatory frameworks, including GDPR, require formal Data Protection Impact Assessments (DPIAs) when processing activities present elevated privacy risks.

    By identifying gaps in data handling practices and implementing mitigation strategies, organizations reduce legal exposure, protect individual rights, and build trust with customers and stakeholders.

  • Is Your Business Ready for CPPA? California’s New Privacy Audit Rules Explained

    The California Privacy Protection Agency (CPPA) has finalized regulations that represent the most significant shift in California’s privacy landscape since the introduction of the CCPA. Under the amended California Consumer Privacy Act (CCPA), now bolstered by the California Privacy Rights Act (CPRA), businesses are facing new, enforceable mandates for cybersecurity audits, risk assessments, and executive-level accountability.

  • Beginner’s Guide to Privacy By Design Principles

    Privacy by design (PbD) is a preventative approach to data privacy protection developed by Dr. Ann Cavoukian in the 1990s. Its initial purpose was to develop a robust, scalable model for data privacy that would surpass “privacy enhancing technologies” (PETs) and then-weaker regulatory compliance requirements to guarantee full data privacy.

  • Data Security Awareness for CCPA Compliance

    As one of the strongest data privacy regulations in the United States, the CCPA requires organizations subject to its rules and standards to safeguard the privacy of customers’ data. Part of this process means ensuring your staff is aware of the CCPA data security awareness requirements. Read on to learn more about CCPA data security and how to stay compliant.

  • CCPA Lookback Period: 12 Month Requirement

    If your organization operates in California, or processes data from many California residents, you are likely subject to the California Consumer Privacy Act (CCPA). One component of the CCPA requirements is adhering to the new CCPA Lookback Period rules, which extend data subjects’ rights to their data into a retroactive period of 12 months. Following these rules means upholding data subjects’ rights in the present and future while accounting for the past, as well.

  • What is the CCPA Breach Notification Timeline?

    If your business processes data belonging to residents of California, and you meet certain size or revenue requirements, you must abide by the California Consumer Privacy Act (CCPA). It doesn’t matter where your company is located; it can impact you regardless. A significant aspect of compliance is CCPA data breach notification. Similar to other frameworks in the US and globally, data subjects have a right to know if their information has been compromised.

  • How to Meet the CCPA Requirements for Enterprise Privacy Risk Assessment?

    The California Consumer Protection Act (CCPA) was created to respect and protect consumer data. It ensures certain rights—like the right to opt-out of data collection programs—and it introduces numerous disclosure, privacy policy, and enterprise privacy risk assessment requirements that organizations must follow.

  • CCPA Email Marketing Compliance Guide

    Companies that market services or products to consumers in California must comply with CCPA email marketing guidelines to protect data privacy. Essentially, the CCPA protects the rights of consumers in California regarding the collection, use, or sale of personal data. Read on to learn more about CCPA email marketing compliance.

  • What is the CCPA Statute of Limitations?

    The California Consumer Privacy Act (CCPA) protects the rights of data subjects in California. The CCPA statute of limitations refers to two things, broadly: the timeframe within which legal action may be brought against an organization for violating CCPA rights and the duration for which such an organization is allowed to retain data pertaining to a California consumer. Our guide will break down these definitions and explain other essentials of CCPA compliance.

  • Who Enforces CCPA Compliance?

    The California Consumer Privacy Act (CCPA) took effect on July 1, 2020, providing state residents with the most comprehensive data privacy protections in the US. Comparable to the EU’s GDPR, the CCPA specifies individuals’ rights regarding companies collecting, using, and storing their personal data.