From Collibra: Guidance on CCPA Compliance

CCPA enforcement officially begins today. Upwan Chachra, VP of Product Management, Platform and Privacy, at Collibra, the Data Intelligence Company, offers the following guidance on how to start complying with CCPA now:

• The CCPA will continue to evolve, so prepare yourself for now, tomorrow and the years to come
  • CCPA and GDPR were just the beginning of a wave of data privacy regulations and other states and countries are continuing to pass regulations. It’s not enough to come up with a plan that solves the challenges of CCPA as it stands right now. It is essential to implement a flexible and scalable strategy
• Use your data governance framework as the foundation of your data privacy strategy
  • You have to find the best starting point and Data Governance is a good option. To adhere to privacy regulations, you need to know what data you have, where it is, and why you have it
• Data privacy compliance is interdisciplinary. It is not just the responsibility of the privacy and legal teams
  • Data privacy compliance requires collaboration across the whole organization. All lines of business need to embrace privacy by design principles
• Think beyond data privacy and embrace data ethics
  • Compliance does not equal ethics. It’s possible to have a data governance framework and data privacy practices but still have gray areas around ethical data use. Every individual has their own set of ethics, so a company needs to clarify the standards they expect their employees to uphold and build an ethical culture.
• Technology can empower your teammates to use data compliantly and ethically.
  • In order to comply with data privacy regulations, you need to know what data you have, where it sits, and how you use it. Many organizations handle these activities manually, but technology can automate data processes to expedite these activities and help avoid error.