The California Consumer Privacy Act puts consumers back in the driver’s seat of their own sensitive information, while also requiring a lot from businesses. Let’s discuss the details.
CCPA
In 2018, the State of California Department of Justice approved the implementation of the California Consumer Privacy Act. In many ways, this data privacy regulation is similar to the GDPR, however, there are some notable differences.
For starters, the CCPA secures privacy rights for California consumers, namely:
- The right to know about the personal information a business collects about them and how it is used and shared;
- The right to delete personal information collected from them (with some exceptions);
- The right to opt out of the sale or sharing of their personal information;
- The right to non-discrimination for exercising their CCPA rights.
These are the four basic principles that comprise the CCPA’s regulations, as well as shape how organizations and businesses approach PII discovery under this specific legislation. If you’re interested in taking a deeper dive into the CCPA legislation, then you’ll find A Simple Breakdown of CCPA Compliance here.
Source: Emplicity
PII Under the CCPA
It’d be difficult to perform accurate sensitive data discovery with the CCPA in mind without first understanding how the CCPA defines PII.
The CCPA defines Personally Identifiable Information as:
any information that identifies, relates to, describes, or could reasonably be linked with a consumer or household.
Some of the basic examples of PII according to the CCPA shouldn’t feel all that new to businesses already operating in the data collection space. First, we have the basic identifiers like a data subject’s name, alias, address, email, SSN, passport number, and so on. But the CCPA protects other forms of PII as well.
Examples of PII under the CCPA:
- Commercial information
-
-
- Records of products purchased, obtained, or considered
-
- Biometric information
-
-
- Fingerprint scans, facial recognition, retina or iris scans, etc.
-
- Internet activity
-
-
- Browsing history, search history, website/app interactions
-
- Geolocation data
-
- GPS coordinates, IP addresses for user position discovery, Wi-Fi or Bluetooth signals, etc
-
- Employment-related information
-
-
- Job title, employer name, employment history, salary and compensation details
-
- Job title, employer name, employment history, salary and compensation details
-
- Education information
-
-
- Grades, behavior records, address on campus, etc.
-
- And all other forms of PII
-
-
- Audio, electronic, visual, thermal, olfactory, etc.
-
CCPA Compliance
Knowing all PII requirements mandated by the CCPA is a great start, but the follow-up question is how can businesses manage to collect and store California consumers’ protected PII correctly?
The first step in achieving CCPA compliance is sensitive data discovery, which is where the PII Tools software enters the chat. PII Tools provides automated data discovery as an on-prem scanner to help organizations locate and remediate sensitive data.
And it achieves this by automating the data discovery process, where you can set the parameters to search for specific users, types of information, or even by regulation, like the CCPA, for instance.
PII Tools helps businesses achieve CCPA compliance by securely and accurately scanning their entire environment, pinpointing any at-risk data, and providing remediation options. You can also perform in-house audits to ensure all your stored data is CCPA-compliant before any California officials come knocking.
Streamline CCPA Data Discovery
There’s no reason to spend extra time and resources trying to manually follow the CCPA’s intricate regulations. PII Tools knows exactly what to look for, meaning you can protect your business from potential penalties or fines as well as protect your data subjects with regulation-compliant PII storage.
If you’re a California-based organization, or any of your data subjects are proud Californians themselves, then use PII Tools to simplify the whole PII discovery process and ensure your entire system is CCPA compliant!
CCPA Data Discovery Can Be Easy & Secure - See How PII Tools Makes it Possible!
