COMPLIANCE

California Consumer Privacy Act


In the 21st century, we share and store our most sensitive personal information on phones, computer workstations, and cloud-based services and computers. Today more than ever, a strong privacy and personal data security program is essential to the safety and welfare of the people of California and to our economy.

The California legislature unanimously approved and enacted the California Consumer Privacy Act of 2018 (CCPA) on June 28, 2018. The CCPA is arguably the most far-reaching data protection law ever enacted in the United States. Fundamental to this right of privacy is the ability of individuals to control the use, including the sale, of their personal information.

 

Key Provisions of California Data Privacy Law 2018

  • Consumers’ right to know and access personal data
  • Right to Deletion
  • Right to Opt-Out / Opt-In
  • Right to Equal Service
  • Privacy Policy Requirements
  • Disclosure Requirements
  • GLBA/HIPAA/Research/Legal Exceptions

 


RSI Security is a full-service CCPA Compliance Assessor and Advisory company that is uniquely positioned to assist you in meeting the CCPA requirements, protecting personal data, and honoring consumers’ rights under California privacy law.

RSI Security can evaluate your organization’s data privacy and security policies, procedures, and security controls to regulate the processing of personal data and prevent data breaches. We will identify any potential gaps between your practices and CCPA requirements, and advise on corrective actions to be taken in order to be prepared for a CCPA audit.


Our CCPA Services

  • Personal Data Mapping and Inventory
  • Privacy by Design Program
  • Privacy Impact Assessment
  • Incident and Data Breach Response Planning
  • Network Penetration Testing
  • Vulnerability Scanning
  • Enterprise Privacy Risk Assessment
  • Personal Data Security Awareness and Training
  • CCPA Audit and Assessment Services (covering required and addressable technical, physical, and administrative safeguards for the personal data environment)

Value and Benefits of Being CCPA Compliant

  • Increased Customer Trust and Organizational Reputation
  • Increased Personal Data Protection
  • CCPA Audit-Ready and Secure Personal Data Environment
  • Personal Data Security Risk Management
  • Implementation of Information Security Program
  • Effective Incident Response Planning

Who is Required to Comply with the CCPA?

Per the text of the California Consumer Privacy Act, the CCPA applies to for-profit businesses that do business in California and fall into one or more of the following categories:

  • Have annual gross revenue of more than US$25 million derived from or attributable to the state of California (Cal. Rev. & Tax. Code § 17942(a)).
  • Collect, buy, receive, sell, or share for commercial purposes the personal information of 50,000 or more residents, households, or devices annually.
  • Derive 50 percent or more of annual revenues from selling consumers’ personal information.

Service providers and entities that control or are controlled by such a business and share common branding with that business will also be held accountable.

The CCPA applies regardless of the size of the organization, i.e., to sole proprietorships, partnerships, LLCs, corporations, and other organizations that transact in CA and either collect, sell, purchase, or receive consumers’ personal data.

WORK WITH US

Your CCPA Compliance Partner

We are knowledgeable and experienced in providing compliance audit, assessment, and implementation services that help organizations meet their regulatory compliance requirements, such as PCI DSS, HIPAA, EI3PA, NERC-CIP, NFA, FINRA, and GDPR.

Our experienced consulting team consists of:

  • Qualified Information Security Assessors (QSA)
  • Project Management Professionals (PMP)
  • Certified Information Systems Auditors (CISA)
  • Certified Information Systems Security Professionals (CISSP)

What Does the CCPA Cover?

The CCPA covers personal information that identifies, relates to, describes, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household.

Personal information includes traditional identifiers (e.g. name, postal address, email address, Social Security number, and driver’s license or passport numbers), as well as unique personal identifiers (e.g. biometric information, IP address, internet browsing or search history, and geolocation data).

Penalties for non-compliance with CCPA

Companies that commit intentional violations are subject to penalties of up to $7,500 per violation.

Companies that commit an unintentional violation and fail to remediate within 30 days of receiving notice are liable for up to $2,500 per violation.

Companies that experience data theft or data security breaches can be ordered in a civil class action to pay statutory damages of between $100 and $750 per CA employee per incident or actual damages, whichever is greater, and any other relief a court deems proper.

CUSTOMERS

Organizations that trust RSI Security


CCPA took effect on January 1, 2020. Businesses must take steps now to ensure compliance and avoid costly data-breach-related litigation and damage to business reputation.
