We have a structured methodology to determine and define internal processes to achieve, maintain and monitor CCPA compliance. We have a 6-phase Methodology to help you achieve successful compliance.

Kindly share your details for CCPA requirements

Definition – Personal information

CCPA defines personal information as information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household such as a real name, alias, postal address, unique personal identifier, online identifier Internet Protocol address, email address, account name, social security number, driver's license number, passport number, or other similar identifiers.

Applicable Criteria

The CCPA applies to any business, including any for-profit entity that collects consumers' personal data, which does business in California, and satisfies at least one of the following thresholds:

  • Has annual gross revenues in excess of $25 million;
  • Possesses the personal information of 50,000 or more consumers, households, or devices; or
  • Earns more than half of its annual revenue from selling consumers' personal information.

A fine up to $7,500 for each intentional violation and $2,500 for each unintentional violation (Cal. Civ. Code § 1798.155).[5]

Project Phases
We have a structured phase wise approach to determine the scope of information in scope, and help you comply the requirement.

Phase I – Information flow assessment

This phase involves identification of information sources, and is processing infrastructure that involves personnel, technology, physical infrastructure.

Phase II – Gap Analysis

This phase involves performing privacy impact assessment and security risk assessment to determine security and legal loopholes. Identified gaps are provided with detail recommendations.

Phase III – Control Design and documentation

This phase involves our methodology that involves distribution security responsibility to internal stakeholders, with controls policies and transactions that ensures that CCPA is well embedded in the organization processes. This also includes nomination of a data protection officer and creating data protection office, for the organization, if necessary.

Phase IV – Tracking

This phase involves tracking the client risks, and documentation on a weekly basis till all internal controls are adequately implemented.

PHASE V – Performance Tracking

This phase involves showcasing client with changes in a given period by providing change specific score of compliance between 0 -100% compliance.

Phase VI – Internal Audit

This phase involves verifying the governance system created for the organization is well in place and ready to declare as CCPA compliant.

At this stage the client has implemented the governance system in completeness. Management is expected to perform monthly/quarterly/annual planned tasks to keep ongoing compliance.
Call or write to us at :
for proposal / roadmap / information
Would You Like To Speak To Our CCPA Compliance Consultant?
Contact Us Now !