What Is the CCPA?
CCPA vs. CPRA
California Consumer Privacy Act (CCPA)
The California Consumer Privacy Act (CCPA), passed in 2018 and effective as of January 1, 2020, requires your organization to have visibility into what data you possess and where it is located. CCPA enhances consumer protection and privacy for California residents and requires businesses and related entities to report data breaches of personal information. Your organization needs to be able to take certain actions with this data.
California Privacy Rights Act (CPRA)
The California Privacy Rights Act (CPRA), which serves as an amendment to the CCPA, was approved by California voters in November 2020 and is being enforced as of July 1, 2023. The CPRA expanded the rights already afforded to California consumers by the CCPA and introduced new rights, including the right to correct inaccurate personal information, the right to receive notice of the use of personal information and opt out of such use, and the right to data minimization and purpose limitations.
What does the CCPA require of organizations?
The CCPA only applies to for-profit organizations that do business in California, collect personal information from California consumers on their own or by others on their behalf, alone or jointly with others determine the purposes and means of the processing, and meet certain threshold criteria.
If your organization fits that description and meets any of the following criteria, that means it will be considered a “business” under the CCPA and is subject to its regulations:
Assuming a given organization qualifies as a business under the CCPA, it must:
Provide notice of consumer rights
Honor consumer rights
Fulfill disclosure and retention obligations
Facilitate consumer requests
Implement security safeguards
How Fortra solutions can help with CCPA compliance
Data Discovery and Tagging
Fortra DLP helps identify and tag sensitive data across your organization's IT environment, ensuring compliance with CCPA's data protection requirements. Powered by machine learning, our data classification solutions intelligently enhance the accuracy and efficiency of your data protection program by recognizing company — and regulation-specific content categories — and analyzing your data at rest and in motion.
Fortra DLP helps identify and tag sensitive data across your organization's IT environment, ensuring compliance with CCPA's data protection requirements. Powered by machine learning, our data classification solutions intelligently enhance the accuracy and efficiency of your data protection program by recognizing company — and regulation-specific content categories — and analyzing your data at rest and in motion.
Data Loss Prevention
Fortra DLP includes robust DLP capabilities to monitor and control the movement of sensitive data, preventing unauthorized access or disclosure, which aligns with CCPA's mandate to protect consumer data. Organizations can set policy rules and levels of enforcement which can also trigger actions from other security products in their data protection ecosystem.
Fortra DLP includes robust DLP capabilities to monitor and control the movement of sensitive data, preventing unauthorized access or disclosure, which aligns with CCPA's mandate to protect consumer data. Organizations can set policy rules and levels of enforcement which can also trigger actions from other security products in their data protection ecosystem.
Incident Detection and Response
Fortra DLP provides real-time monitoring and alerts for suspicious activities involving consumer data, enabling organizations to promptly detect and respond to potential data breaches, as mandated by CCPA's breach notification requirements.
Fortra DLP provides real-time monitoring and alerts for suspicious activities involving consumer data, enabling organizations to promptly detect and respond to potential data breaches, as mandated by CCPA's breach notification requirements.
Reporting and Auditing
Fortra DLP solutions offer robust reporting and auditing capabilities, allowing organizations to generate detailed reports on data handling practices and demonstrate compliance with CCPA during audits or regulatory inquiries.
Fortra DLP solutions offer robust reporting and auditing capabilities, allowing organizations to generate detailed reports on data handling practices and demonstrate compliance with CCPA during audits or regulatory inquiries.
Fortra’s data classification solutions can also help support CCPA compliance through:
