Securiti announces a $75M Series C Funding RoundView
After the promulgation of the General Data Protection Regulations (GDPR) in the European Union (EU), the California Consumer Privacy Act (CCPA) was the next data privacy regulation that had a significant impact for organizations all across the world.
The CCPA is a data privacy law that mandates companies to become better custodians of their consumers' personal information and is often seen as the U.S. counterpart of the GDPR. The law came into effect on January 1, 2020, and has been enforced from the 1st of July 2020.
Here is an overview of this critical privacy regulation.
Consumers who are protected and provided rights under the CCPA are the estimated 40 million residents of California. These rights include:
The CCPA has given an expanded definition for the term 'Personal Information, which protects under the statute. Any information that identifies a particular consumer or household is considered 'Personal Information’.
THIS INCLUDES A HUGE VARIETY OF DATA SUCH AS:
The only exceptions are publicly available information (made public by federal or state authorities) or de-identified consumer information.
If a for-profit entity which does business in California fulfills any one of the following three conditions, they are required to abide by the CCPA regulations.
Businesses on which the CCPA applies also include any entity run or controlled by a business or shares common branding with a business. No distinction has been made between domestic and foreign entities, and a foreign parent company with a controlling interest in a U.S.-based subsidiary would itself also be subject to the CCPA.
There are few industries exempted from CCPA, that are already sufficiently covered under other privacy laws, such as:
Health providers and insurers that are already covered under HIPAA
Financial companies covered by Gramm-Leach-Bliley
Credit reporting agencies under the Fair Credit Reporting Act
The CCPA is based on an opt-out cookie consent regime. Under the CCPA, the following are the requirements for a cookie banner:
Given the rising frequency and severity of privacy scandals and data breaches, CCPA has laid some strict penalties for businesses failing to comply. The penalties are:
The law has come into force from July 1st, 2020, and it is expected that CCPA and other data privacy litigations will only increase in the coming years. The CPRA has already amended the CCPA and increased obligations on businesses and protections to consumers starting from 2023.
Given the expanded definition of the term 'personal information and the tight time frame provided to businesses to respond to privacy disclosure, access, and deletion requests along with other requirements, complying with the CCPA can be very labor-intensive and costly.
Securiti's award-winning solution revolves around the concept of PrivacyOps, which utilizes robotic automation, artificial intelligence, and machine learning to automate compliance tasks, freeing up crucial resources for other areas of business.
Securiti helps businesses discover data over a wide range of internal and external systems, build a People Data Graph to link personal data to each individual, automate data access requests, assessments, consent management, and more.
At Securiti, our mission is to enable enterprises to safely harness the incredible power of data and the cloud by controlling the complex security, privacy and compliance risks.
3031 Tisch Way Suite 110 Plaza West, San Jose,