Non-complying business will face penalties of $750 per consumer per incident (which also means $750,000 for an incident involving 1,000 consumers) or actual damages, whichever is greater.
Also, if your business fails to meet certain data security needs, the affected customers can ask you to fix it within 30 days or face legal action.
To be compliant you will require detailed data mappings to
1) Classifying what data is collected 2) How data is collected 3) Processed and transmitted 4) With whom data is shared 5) Where data is stored 6) How data is used, for what purpose, and by whom?
A "sale" under the CCPA is defined as the "selling, renting, releasing, disclosing, disseminating, making available, transferring, or otherwise communicating orally, in writing, or by electronic or other means,
a consumer’s personal information by the business to another business or a third-party for monetary or other valuable consideration
CCPA outlines new standards for data collection as well as what happens to businesses who fail to protect user data. We provide mechanisms to retrieve, anonymize and delete customers information upon request.
Identify and safeguard personal identifiable information.Unauthorized release or abuse of PII could result in potentially grave repercussions for the individual whose PII has been compromised. Scan your databases
PCI standard is designed to protect cardholder data by requiring organizations to have an appropriate combination of policies, procedures, technical measures, administrative efforts and physical security
Individually identifiable health information (PHI) is subject to state and federal privacy and security rules including, but not limited to, the Health Insurance Portability and Accountability Act (HIPAA).
Catalog your Structured and Unstructured data. Organizations always know what information they have or where it’s located. In some cases, information may have been stored in file shares or access database by an employee no longer with the company.
Catalog the movement of your data. Know where your data providers are and where your data goes.
Classify the data and establish access privileges based on type and level of confidentiality. Classify your data into Restricted, Confidential and Internal use. Create information retention policies and periodically reassess your model
We make it a priority to offer flexible services to accommodate your needs.