Companies woefully unprepared for CCPA compliance

2022-02-03 04:30

Only 11% of companies are able to fully meet CCPA requirements, especially when managing Data Subject Access Requests, according to a CYTRIO research.

The research also showed a disconnect in compliance with 44% of companies not providing any mechanism for consumers to exercise their data rights despite stating they needed to comply with CCPA in their privacy policies.

"The findings of our research show that companies are woefully unprepared for CCPA compliance, especially when it comes to enabling and responding to consumers' data privacy rights," said Vijay Basani, CEO of CYTRIO. "An overwhelming majority are manually responding to data requests with only a small number implementing DSAR management automation solutions. The reliance on manual processes exposes them to high DSAR compliance costs, long response times, errors that will erode consumer trust, and non-compliance actions by the California Privacy Protection Agency."

California companies were not doing any better than their peers in other U.S. states, even though CCPA is a California regulation that gives its citizens' control over their personal information.

Only 15.6% of companies in California had a DSAR management automation solution, and 59.3% of California companies used manual processes, higher than any other state.

Other key findings Although B2C companies collect more consumer data, there was no statistically significant difference in the number deploying DSAR management automation solutions when compared with B2B companies.

News URL

https://www.helpnetsecurity.com/2022/02/03/meet-ccpa-requirements/

#ccpa #compliance