CCPA

TECHNICAL DEFINITION

The California Consumer Privacy Act (CCPA) is a landmark state statute in California, United States, establishing comprehensive consumer privacy rights for residents regarding the collection, processing, and sale of their personal information by businesses, drawing parallels with global data protection regulations like GDPR.

BACKGROUND

In organizations, shadow IT refers to information technology (IT) systems deployed by departments other than the central IT department, to bypass limitations and restrictions that have been imposed by central information systems. While it can promote innovation and productivity, shadow IT introduces security risks and compliance concerns, especially when such systems are not aligned with corporate governance.

SYNONYMS & ALIASES

• California Privacy Act
• CA Privacy Law
• CPRA (amended version)

USAGE NOTE

Businesses operating in the US, particularly those handling data of California residents, must ensure CCPA compliance to avoid legal penalties.

DEVELOPERS

Organizations developing technology related to CCPA.

• OneTrust

  OneTrust provides a comprehensive privacy management platform that helps organizations automate and manage CCPA compliance, including data mapping, consent management, DSAR fulfillment, and vendor risk management.

• TrustArc

  TrustArc offers technology solutions for privacy compliance, including tools specifically designed to help companies assess, operationalize, and maintain compliance with CCPA regulations.

• BigID

  BigID specializes in data discovery and intelligence, providing technology to help organizations find, classify, and manage sensitive personal data across their environments, which is crucial for CCPA compliance and data security.

• Securiti.ai

  Securiti.ai offers an AI-powered Data Command Center that unifies data privacy, security, and governance, providing tools to automate CCPA compliance through data discovery, DSAR automation, and consent management.

• Varonis

  Varonis provides a data security platform that helps organizations map, analyze, and protect unstructured and semi-structured data, enabling them to identify and secure personal information relevant to CCPA compliance.

• IBM Security

  IBM Security offers various data security and governance solutions, including Guardium and Security Verify, which help organizations manage and protect sensitive data to meet privacy regulations like CCPA.

• Microsoft Purview

  Microsoft Purview provides a unified data governance solution that helps organizations manage, protect, and govern their data estate, offering tools for data discovery, classification, and compliance with privacy regulations such as CCPA.

• Osano

  Osano offers a data privacy platform focused on consent management, vendor monitoring, and data subject access requests (DSARs), providing technology to help companies comply with CCPA.