CCPA Assessment

Privacy & Data Protection Service
The e-InnoSec consulting team understands the inherent risk and challenges clients face in designing, implementing, and sustaining an effective privacy and data protection program. With the experience of working with various clients in privacy projects we have refined our approach and are able to provide a quick turnaround on privacy data protection projects.

CCPA Assessment

Privacy experts often compare the CCPA to the GDPR because the CCPA borrows certain concepts from the EU law. The five new rights that have been awarded to Californians by CCPA are:

  • A right to know what personal information is being collected about them,
  • A right to know whether their personal information is sold or disclosed and to whom,
  • A right to say no to the sale of personal information,
  • A right to access their personal information, and
  • A right to equal service and price, even if they exercise their privacy rights.

We offer the following services:

Three-step process:

Control Information Flow - Understand where sensitive information travels throughout your organization to safeguard it with your program appropriately

Build Privacy Processes - Build the policies and processes you need for privacy protection, privacy impact assessment, policy management, and other program areas include technology solutions to manage GDPR data subject rights such as consent, right to deletion, etc.

Technology solution deployment steps:

  • Privacy Impact Assessment – Initiation and analysis
  • Compliance road map – Core team, pilot, and solution identification
  • Compliance solutions – Enterprise rollout and training
  • Steady-state – SLA and Continuous improvement

Maintain Privacy and Compliance - Whether you have an official data protection officer on your team or not, we will build repeatable processes for your organization

We perform the following tasks:

  • Advise clients on the scope
  • Guide and educate our client’s team on:
    • GDPR principles
    • Rights available to the data subject
    • Roles and responsibilities
    • Designing a privacy plan
    • Data mapping
    • Identifying risks
    • Documenting policy and procedures,
  • Design a custom approach on how to create an effective data protection program
  • Assist in performing Data Privacy Impact Analysis (DPIA)
  • Assist in the implementation of the program or assess the existing program to identify gaps and remediate
  • Train the staff using SECURETAIN training modules
  • Train the staff on how to monitor the program to ensure sustainability and effectiveness of the privacy and data protection program

The CCPA defines personal information more broadly than California’s other laws. It includes any information that directly or indirectly identifies, describes, relates to, is capable of being associated with, or can reasonably link to a consumer or household. Households are included in the threshold for a covered business under the law. If a business alone or in combination, annually buys, receives, sells, or shares the personal information of 50,000 or more consumers, households, or devices, then the CCPA applies.

Services

  • CCPA assessment – Perform readiness assessment, assess program maturity, identify gaps, provide recommendations, and assist with remediation
  • CCPA compliance – Compliance validation
  • CCPA Advisory services
    • Design and implement
    • Rapid implementation CCPA if GDPR is in place
Would you like to discuss in detail? contact us