The Data Privacy & Tailored Risk Blog

PrivIQ releases its CCPA (California Consumer Protection Act) version - PrivIQ

Written by Tai Chesselet | Jul 7, 2021 4:00:00 AM

The launch of our CCPA service.

We are pleased to announce that we have just released our data privacy management service for the CCPA regulation.

We are at present trialling the service with a number of clients before we do our final launch. We are actively looking for partners in the USA who consult and sell CCPA compliance services and wish to use a collaborative, easy to use service to help their clients achieve and maintain compliance with the CCPA.

In many cases we have found that clients want to have CCPA as well as GDPR compliance, this is managed in our service with the ability to manage both regulations in one solution, simply, easily and affordably.

Obviously as the regulation is amended and altered we will update our service. Our service is already geared towards enabling CPRA requirements as they come due and clients will automatically be upgraded.

Our CCPA service has the same look and feel and general navigation as the 7 other existing regulations we cover, making it easy to comply for many regulations.

Apart from the CCPA regulation being added, we have added a full consent management service to manage opt-in and opt-out consents and enable the extraction of these to other systems via an API. We will be retrofitting this to all of our regulations. This means organisations wishing to manage their consents and extract these to other systems for various purposes will be able to use our service for both compliance management as well as consent management.

For a technical document you can view our onboarding guide https://priviq.com/onboarding-guides-all-legislations/ .

A quick view of the functionality.

Our intuitive home screen, displayed above, shows all of the functions required in order to manage compliance.

From here we enable ongoing compliance reviews and assessment reports, the data mapping function, creation and management of privacy notices as well as employee training and notifications.

In addition we allow full management of consumer requests as well as multiple types of opt-in or opt-out consents including “Do not sell my personal information”.

Operational compliance.

Our operational compliance section covers the required areas of governance, incentives, “do not sell” and consumer access and is a workflow process that enables the ongoing review with review periods to ensure that compliance is being managed continuously.

Should you wish to add an unrelated compliance section this is possible as well to allow the management of all compliance in one space.

Inside the incentives section for example one can see each individual task item, all notes and files linked to it as well as the status of that task, the responsible person and the review dates and intervals.

This can then be graphically reviewed for all compliance sections by responsible person, task owner as well as section.

Data Mapping and governance.

Data mapping is a crucial aspect of the privacy program and is where the personal information inventory is defined. This enables the creation of privacy notices, assists in processing consumer requests and identifies any service providers who process data on your behalf.

Privacy policies and CCPA rights are generated by the service and can then be amended as required then published to the relevant website pages.

Ongoing Tasks.

The main areas of interaction between an organisation and consumers is via consumer requests and consents given. The consumer requests are either a request to know or a request to delete. We provide these as forms to be embedded into a website and then offer a full workflow to process the submitted forms on a fully complaint manner.

The consent management module we have enables a number of different types of consent. It can be used for “Do not sell my personal information” (DNSMPI) requests where we provide a comprehensive form to embed with the ability for the submitter to be the person or their representative, to add files to the submissions and further enables the full access to the submissions and integration via interface files to any system requiring the data.

We have also added the ability to create any number of opt-in and opt-out user defined consents for which you are then provided with a form and can embed anywhere and manage consents other than just DNSMPI.

Thank you for reading this blog. If you are interested in using or selling our service please do not hesitate to contact us. If you wish to register for our CCPA service or a combinational service of CCPA and GDPR, we can refer you to our highly skilled partner network who can assist you with any onboarding you require and help you with your data privacy programs on an ongoing basis.