California Consumer Privacy Act Compliance


In the 21st century, we share and store our most sensitive personal information on phones, computer workstations, and cloud-based services and computers. Today more than ever, a strong privacy and personal data security program is essential to the safety and welfare of the people of California and to our economy.

The California legislature unanimously approved and enacted the California Consumer Privacy Act of 2018 (CCPA) on June 28, 2018. The CCPA is arguably the most far-reaching data protection law ever enacted in the United States. Fundamental to this right of privacy is the ability of individuals to control the use, including the sale, of their personal information.

 


Key Provisions of California Data Privacy Law 2018

  • Consumers’ right to know and access personal data
  • Right to Deletion
  • Right to Opt-Out / Opt-In
  • Right to Equal Service
  • Privacy Policy Requirements
  • Disclosure Requirements
  • GLBA/HIPAA/Research/Legal Exceptions

RSI Security is a full-service CCPA Compliance Assessor and Advisory company that is uniquely positioned to help you meet the CCPA requirements, protect personal data, and honor consumers’ rights under California privacy law.

RSI Security can evaluate your organization’s data privacy and security policies, procedures, and security controls to regulate the processing of personal data and prevent data breaches. We will identify any potential gaps between your practices and CCPA requirements, and advise on the corrective actions needed to prepare for a CCPA audit.

Our CCPA Services

  • Personal Data Mapping and Inventory
  • Privacy by Design Program
  • Privacy Impact Assessment
  • Incident and Data Breach Response Planning
  • CCPA Audit and Assessment Services (covering required and addressable technical, physical, and administrative safeguards for the personal data environment)
  • Network Penetration Testing
  • Vulnerability Scanning
  • Enterprise Privacy Risk Assessment
  • Personal Data Security Awareness and Training

Value and Benefits of Being CCPA Compliant

  • CCPA Audit-Ready and Secure Personal Data Environment
  • Personal Data Security Risk Management
  • Increased Personal Data Protection
  • Increased Customer Trust and Organizational Reputation
  • Implementation of Information Security Program
  • Effective Incident Response Planning

Who is Required to Comply with the CCPA?

According to the text of the California Consumer Privacy Act, the CCPA applies to for-profit businesses that do business in California and fall into one or more of the following categories:

  • Have annual gross revenue of more than US$25 million derived from or attributable to the state of California (Cal. Rev. & Tax. Code § 17942(a)).
  • Collect, buy, receive, sell, or share for commercial purposes the personal information of 50,000 or more residents, households, or devices annually.
  • Derive 50 percent or more of annual revenues from selling consumers’ personal information.

Service providers and entities that control or are controlled by such a business and share common branding with that business will also be held accountable.

The CCPA is applicable regardless of the size of the organization, i.e., sole proprietorships, partnerships, LLCs, corporations, and other organizations that transact in CA and either collect, sell, purchase, or receive consumers’ personal data.


Your CCPA Compliance Partner

We are knowledgeable and experienced in providing compliance audit, assessment, and implementation services to organizations in meeting their regulatory compliance requirements, such as PCI DSS, HIPAA, EI3PA, NERC-CIP, NFA, FINRA, and GDPR.

Our experienced consulting team consists of:

  • Qualified Information Security Assessors (QSA)
  • Certified Information Systems Auditors (CISA)
  • Certified Information Systems Security Professionals (CISSP)
  • Project Management Professionals (PMP)

What Does the CCPA Cover?

  • Personal information that identifies, relates to, describes, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household.
  • Personal information includes traditional identifiers (e.g. name, postal address, email address, Social Security number, and driver’s license or passport numbers), as well as unique personal identifiers (e.g. biometric information, IP address, internet browsing or search history, and geolocation data).

Penalties for non-compliance with CCPA

Companies that commit intentional violations are subject to penalties of up to $7,500 per violation.

Companies that commit an unintentional violation and fail to remediate within 30 days of receiving notice are liable for up to $2,500 per violation.

Companies that experience data theft or data security breaches can be ordered in a civil class action to pay statutory damages of between $100 and $750 per CA employee per incident or actual damages, whichever is greater, and any other relief a court deems proper.


CCPA took effect on January 1, 2020. Businesses must take steps now to ensure compliance and avoid costly data-breach-related litigation and damage to business reputation.
