6 Privacy Tools for CCPA Compliance
This is the latest in Street Fight’s “Pursuing Privacy” series – our editorial focus in January, including topics like GDPR, CCPA, and location data collection. See the rest of the series here and our full slate of monthly themes here.
Unless you’ve been living under a rock, you’ve probably seen plenty of headlines touting the impact of California’s new Consumer Privacy Act. When the CCPA went into effect earlier this month, it gave consumers the right to demand to see the information companies have saved on them. The law also allows consumers to sue companies for violating privacy guidelines. Businesses that serve California residents and either buy, sell, or share information on 50,000 or more individuals or maintain at least $25 million in annual revenue are required to comply with the law.
With the clock ticking on full enforcement, businesses are looking at how they can get into compliance—and fast. Technology vendors have been quick to step in and fill that void, launching integrated privacy management platforms with CCPA and the European Union’s GDPR in mind. Most of these platforms can be configured to specific privacy regulations, helping businesses automate their data collection practices and regularly performing risk assessments to determine whether they’re handling personal data correctly.
Here are six examples of tools that companies can use to ensure CCPA compliance.
OneTrust is a well-known privacy, security, and third-party risk platform. It is used by more than 4,000 companies to streamline privacy programs. OneTrust’s CCPA compliance product is a purpose-built suite of technology solutions that helps organizations pinpoint where personal data resides and how it is being used. OneTrust says its solution can streamline a company’s ability to manage and respond to consumer rights and opt-out requests.
Clarity in privacy is what Clarip is all about. The comprehensive data privacy solution was designed to handle the data privacy risks that businesses face in today’s environment of increased regulation. Clarip’s line of data privacy management software is designed for businesses, ranging from Fortune 500 companies to technology startups, that are concerned about compliance with GDPR and CCPA. Clarip offers data mapping and flow, personal data discovery, privacy program assessment, consent management tools, and website scanning/cookie management.
The TrustArc platform is a comprehensive solution for businesses looking to manage their privacy programs. TrustArc’s platform includes a centralized dashboard with privacy compliance KPIs, a privacy insights feed, and the ability to monitor risk and program maturity level. Businesses can also use TrustArc to identify gaps and risks for multiple regulations, including CCPA. TrustArc’s platform and modules are integrated and scalable, which means they work together and they can grow with a company.
CENTRL’s Privacy360 solution is a purpose-built privacy program management platform that was specifically developed to help companies achieve compliance with the latest regulations. Businesses can choose from the GDPR Edition or the CCPA Edition, with flexible core modules that can be configured to comply with specific industry regulations. Privacy360 is set up to help with data mapping and data inventory, readiness and impact assessments, and risk and issue mitigation. Businesses can generate data mapping reports by subject or processing activity, and they can use Privacy360 to create standardized consumer rights management workflows.
Companies that need guidance as they sort through the data they are collecting can work with LogicGate to get into compliance. LogicGate gets its clients into CCPA compliance by taking a holistic look at existing risk and compliance programs and then addressing the areas where companies fall short. LogicGate’s Third-Party Risk Management solution can be useful for companies trying to get a handle on what personal data is being shared with outside companies and what steps are being taken to protect it. Its Policy Management tool can help with more formal documentation about data management practices.
Despite its name, GDPR365 is a platform that can do more than just help companies get into compliance with the E.U.’s GDPR. GDPR365 works primarily with small to medium-size businesses. The company helps these business owners understand data protection and simplifies the process of privacy compliance. Because GDPR and CCPA are similar, businesses can use many of GDPR365’s tools, like data breach management, data subject access request, and data mapping, to come into compliance with the latest privacy regulations.
Stephanie Miles is a senior editor at Street Fight.