Securiti Named a 2022 Cool Vendor in Data Security by Gartner

Download Now

Avoiding the Pitfalls of CPRA Non-Compliance

The CPRA significantly changes and expands the CCPA's obligations, bringing California privacy law closer to the GDPR, necessitating businesses to ensure compliance and avoid penalties imposed by the CPRA.

  • CPRA is a revised and improved version of the CCPA that goes into effect on January 1, 2023. CPRA is also referred to as CCPA 2.0.
  • CPRA applies to for-profit businesses that buy, sell, or exchange personal information of more than 100,000 customers/households/devices, make more than $25 million in annual revenue or derive 50% of their yearly revenue from selling or sharing consumers' personal information.
  • The CPRA gives data subjects eight different rights regarding exchanging, processing, and disclosing their personal information.


Award-winning technology, built by a proven team, backed by confidence. Learn more.

Important Facts About Avoiding the Pitfalls of CPRA Non-Compliance

The CPRA adds administrative fines for intentional violations involving the sensitive personal information of individuals under 16 years of age. Fines of up to $7,500 may be imposed on entities that aren’t adhering to the CPRA’s requirements.

CPRA improves the CCPA's privacy notice requirements, requiring firms to be honest with their customers if they gather sensitive personal information (SPI) and establish personal information retention periods.

Under the CPRA, businesses need to have the "Do Not Sell or Share My Personal Information" and the new "Limit the Use of My Sensitive Personal Information" options prominently displayed and readily available across multiple pages of their website. Any such requests should be honored and processed straightaway.

Additionally, the CPRA establishes the California Privacy Protection Agency (CPPA) as the exclusive agency responsible for interpreting and enforcing the law. The CPPA will be the first US-based regulatory entity solely focused on data privacy issues, superseding rule-making power from the California Attorney General.

How Securiti’s CPRA Compliance Helps You

Businesses that fall under the CPRA and do business in California have until January 1, 2023, to comply with the new regulation. Businesses will only be punished for CPRA infractions from July 1, 2023.

It should come as no surprise that CPRA will alter how websites acquire customers' personal data. The faster businesses understand and comply with CPRA, the greater their prospects of tightening data protection, meeting compliance, and gaining customer trust.

Securiti’s PrivacyOps platform automates compliance obligations using robotic automation, artificial intelligence, and machine learning, freeing up critical resources for other business areas. Automate all privacy obligations across your organization today to avoid the pitfalls of non-compliance with the CPRA.

All-in-One Solution For Your Business Needs

The Multi-disciplinary practice to grow trust-equity of your brand and comply with privacy regulations

View More

What is CPRA (California Privacy Rights Act) & How to Comply?

The California Privacy Rights Act (CPRA) is California’s state legislation that deals with protecting the digital privacy of its residents. Going into effect on January 1, 2023, it mandates all businesses to audit their data collection, storage, processing...

View More

California Privacy Rights Act (CPRA) Assessment

Get started now to see how CPRA compliant your organisation is!

View More

7 Essential Tips to Prepare for the CPRA

Essential recommendations to start CPRA compliance




Users love Securiti on G2 G2 leader spring 2022 G2 leader summer 2022 G2 leader easiest business 2022 ISO certification RSAC Leader Forrester Badge IAPP Innovation award 2020 Sinet Innovator Award Gartner Cool Vendor Award

Securiti PrivacyOps Named a Leader in The Forrester WaveTM