OneTrust Commits to Integrating California’s New Privacy Law into Market Leading Privacy Management Platform

OneTrust solutions will support businesses to comply with the California Consumer Privacy Act of 2018

OneTrust will integrate the new California Consumer Privacy Act of 2018 (CCPA) into the OneTrust Privacy Management and Marketing Compliance suite. Many businesses that collect, process or sell the personal data of California residents are subject to the new act, and OneTrust will build assessments, templates and processes into the platform to help companies comply with the CCPA.

The CCPA issues several new rights to California residents (“consumers”):

  • The right to information gives consumers the right to know the sources and categories of personal information a business collects, the business purpose for collecting or selling personal information, the third parties that the business shares this information with, and the specific pieces of personal information it has on a consumer. Section 1798.100 (a), (c), (d); Section 1798.115 (a)
  • The right of deletion gives consumers the right to request the deletion of their personal data. Section 1798.105
  • The right to ‘opt-out’ gives consumers the option to ask businesses not to sell their personal data and opt out of these purposes. Section 1798.120 (a)

Many of OneTrust’s solutions will support business’s efforts to prepare for and comply with the CCPA, which goes into effect on January 1, 2020.

  • OneTrust Assessment Automation and Data Mapping can help businesses understand where personal data exists and across the business. Data Mapping exercises are key to exercising consumer rights to access, deletion and disclosure. Sections 1798.100 (a), (c), (d), 1798.105, 1798.115 (a)
  • OneTrust Data Subject Rights Management Portal can automate the intake, processing and completion of the various new rights under the CCPA. Sections 1798.100 (a), (c), (d), 1798.105
  • OneTrust Vendor Management facilitates the management of vendors for compliance purposes to provide the categories of personal data processed or sold. Section 1798.115 (a)
  • For the right to opt-out, the OneTrust Universal Consent Management module tracks consent provided by the consumer. OneTrust provides a consumer interface to give the ability to opt-out of the sale of their personal data using the “Do Not Sell My Personal Information” link to the OneTrust Preference Center. Section 1798.120 (a)

“The California Consumer Privacy Act is a significant milestone in how the US is reacting to consumer driven demands for online privacy,” said Kabir Barday, OneTrust CEO and Fellow of Information Privacy (FIP). “The CCPA gives Californians more control over their personal data, which can create tremendous opportunities and challenges for businesses globally to deliver on these expectations. Although we expect the requirements to continue to evolve between now and 2020 when the law goes into force, OneTrust will continue to innovative our product in parallel to help businesses ease this burden and become compliant with the CCPA.”

OneTrust solutions help businesses operationalize their privacy programs for the CCPA, GDPR and other global privacy laws with the most comprehensive technology backed by deep privacy research, a globally available services team and the large PrivacyConnect user community.