The California Privacy Rights Act (CPRA) which amends and expands California Consumer Privacy Act (CCPA) is a state statute intended to enhance privacy rights and consumer protection for residents of California, United States. CPRA gives consumers more control over the personal information that businesses collect about them.
Ensure your organization becomes and maintains compliant with CPRA using Classify360.
CPRA amends and expands upon CCPA, enhancing consumer rights and increases penalties for violations. The Act also created the California Privacy Protection Agency, an agency dedicated to the implementation and enforcement of state privacy laws. CPRA also eliminates the grace period in which violators can correct offenses without penalty, prohibits businesses from keeping PII for longer than they need to, triples the maximum fines for violations involving people under the age of 16, and enacts civil penalties for the theft of login information. CPRA goes into effect on January 1, 2023, pertaining to personal data collected on or after January 1, 2022.
Classify360 automatically maintains a thorough, digital chain of custody for all data processed within the platform. Eliminate human error and confidently comply with data processing agreements.
Opt to remove duplicate files containing PII, redact PII from business critical data, or defensibly delete PII-laden obsolete data to reduce your sensitive data footprint.
Respond to “right to erasure” requests by easily and securely accessing individuals’ personal data such as name, age, credit card number, postal address, IP address, social security number, driver’s license number, passport number, and more residing within your organization’s data. Seamlessly provide proof of fulfillment to requestors.
Grant data steward capabilities to select individuals within your organization, allowing them to manage the classification and remediation of data containing PII with security and precision.
Identify where CPRA and CCPA-relevant data resides within your data stores.
Classify360’s machine-learning powered information engine gathers all CPRA and CCPA-relevant data, grouping it according to refined data models. Data is segmented into internal, public, proprietary, and confidential buckets to inform decision making.
Rely on classification models to demonstrate where your sensitive data lives, what patterns it follows, and how to best remediate data containing PII when an erasure request is filed.
Take action to redact personal information while maintaining the key components of the document for analytical purposes, or defensibly delete documents all together – while clearly demonstrating timely compliance.
Who is Required to Be CPRA and CCPA Compliant?
All companies that serve California residents and have at least $25 million in annual revenue must comply with the law. In addition, companies of any size that have personal data on at least 50,000 people or that collect more than half of their revenues from the sale of personal data, also fall under the law.
How Does Data Governance Ensure CPRA and CCPA Compliance?
Organizations employing strong data governance strategies are able to ensure data is secure, reliable, and available to authorized users who should have access to it. Classifying CPRA and CCPA-compliant data provides organizations insight into where their CPRA and CCPA-regulated data lives, how it it should be protected, and how to best maintain CPRA and CCPA compliance.
What is CPRA and CCPA Compliance?
The California Privacy Rights Act and the California Consumer Privacy Act (CCPA) are state-wide data privacy law that regulates how businesses all over the world are allowed to handle the personal information (PI) of California residents.
What’s the Difference Between CPRA | CCPA and GDPR?
The CPRA and CCPA protects “consumers” who are natural persons and who must be California residents in order to be protected and GDPR protects “data subjects,” who are natural persons and does not specify residency or citizenship requirements.
Will Classify360 Keep a Copy of My Sensitive Data?
Classify360 software uses a manage-in-place principle for an organization’s data, ensuring data persists in its original location. The cloud platform for Classify360 does not make, store, or copy entire files from their original sources. Only indexes that make files searchable are kept in a compressed and illegible form. Analyses and resulting classifications reference data in their original locations. This approach eliminates the burden, cost, and risk of managing additional data and yields a very efficient store of searchable content for a responsive user experience.
Find the product that suits your business
Get started with a 29-minute call with our team
Get free insights into your dark, unstructured data in one week.
