No Result
View All Result
SUBSCRIBE | NO FEES, NO PAYWALLS
MANAGE MY SUBSCRIPTION
NEWSLETTER
Corporate Compliance Insights
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Career Connection
  • Events
    • Calendar
    • Submit an Event
  • Library
    • Whitepapers & Reports
    • eBooks
    • CCI Press & Compliance Bookshelf
  • Podcasts
  • Videos
  • Subscribe
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Career Connection
  • Events
    • Calendar
    • Submit an Event
  • Library
    • Whitepapers & Reports
    • eBooks
    • CCI Press & Compliance Bookshelf
  • Podcasts
  • Videos
  • Subscribe
No Result
View All Result
Corporate Compliance Insights
Home Data Privacy

CCPA Readiness Survey: Invest in Privacy at Scale

Data Privacy Proves an Increasingly Critical Component of Future Growth

by Chris Babel
June 20, 2019
in Data Privacy, Featured
symbol of law and justice with California State Flag on laptop

TrustArc CEO Chris Babel highlights findings and themes from a recent report on the California Consumer Privacy Act and offers guidance on building an effective program for those organizations still at work on CCPA compliance.

The European Union’s (EU) General Data Protection Regulation (GDPR) and a host of other regulations have elevated privacy compliance to the top of global business priority lists. Now, organizational leaders are turning their attention to the California Consumer Privacy Act (CCPA). The CCPA, with its January 1, 2020 enforcement date, is the toughest U.S. privacy regulation to date. Almost every organization that does business in California or handles personal information of California citizens will feel its impact.

Research commissioned by TrustArc — of 250 U.S. privacy professionals from February 15 to 27, 2019 — through Dimensional Research found that for the vast majority (more than 86 percent) of respondents, CCPA compliance is still a work in progress. Yet organizations should not simply work to check compliance off their list. Businesses constantly change, and leaders must develop privacy and compliance programs that can change with the business.

Build Ongoing Compliance; Don’t Check a Box

Many organizations are investing in CCPA compliance either to meet customer, partner or other third-party expectations (62 percent) or to meet internal reporting requirements (45 percent). Viewing compliance from the point of view of checking off a box can be harmful to an organization’s long-term compliance outlook.

Instead, companies should view compliance as an ongoing part of their business strategy by implementing processes to maintain compliance and leveraging technology tools to manage those processes. For some companies, GDPR preparation has offered a window into some of these practices.

Past Experience Gives Some a Leg Up

Organizations that use lessons from GDPR and treat CCPA privacy management as a critical component of future growth are more likely to outpace their competitors in building customer trust and market share. The total CCPA compliance rate is 14 percent of respondents; just 6 percent of respondents that did not work to comply with GDPR are CCPA compliant. Furthermore, 50 percent of respondents say they will leverage more than half of their GDPR programs for CCPA compliance.

Preparing for regulations that already exist has been helpful, if leaders take the right lessons to heart. However, organizations would be wise not to build compliance processes for one specific law in hopes they can reuse part of their efforts should additional laws arise. Instead, whether GDPR has provided them a leg up or not, leaders must ingrain compliance into their company’s culture. Organizations that use CCPA preparation as a way to build a scalable compliance process will achieve compliance and competitive advantage.

Heavy Investments Mean Compliance Must Scale

Creating privacy at scale will be the best path forward for any organization as it contends with the changing regulatory risk landscape. The more innovative companies will look to differentiate themselves from their competition by setting up ethical review committees, ethics teams and data ethics officers to formally consider the implications of algorithms and machine learning on customer trust and business outcomes. Establishing these processes and investing in technology tools and people to build privacy compliance will require heavy capital investments.

Nearly three-quarters (71 percent) of organizations are spending $100,000 or more on CCPA readiness. Nineteen percent are spending $1 million or more. To prepare themselves to meet the CCPA mandate, business leaders are investing this money mainly in technology and tools, consultants, external legal expertise and internal hiring.

Respondents’ three biggest needs show that, while companies are concerned with CCPA specifically, many of their requirements are more general. Of the data privacy tasks for which companies need additional help, conducting privacy risk assessments, developing a CCPA privacy plan and assessing international data transfers are listed by the largest proportions of respondents.

Many of the other tasks with which companies need assistance are broadly applicable to privacy mandates more generally. It’s clear the investments companies make in privacy will be too heavy for these programs not to scale to meet the demands of other, future regulations. The ways in which companies plan to expend their resources on privacy suggest that those that focus on more adaptable, scalable and broadly applicable privacy and compliance programs will be more likely to succeed as the compliance landscape evolves.

Operationalize Privacy

Rather than check CCPA off their to-do lists, organizations should instead make the leap from reactive to proactive by building efficient, scalable processes from the ground up and using technology to automate some of those processes. Taking a proactive approach to privacy will help conserve the budget and create a lasting competitive edge.


Tags: California Consumer Privacy Act (CCPA)GDPR
Previous Post

How Do Monitors Work?

Next Post

TrustArc Privacy Profile Simplifies Cross-Regulation Compliance for GDPR, CCPA, HIPAA and Other Global Privacy and Security Regulations

Chris Babel

Chris Babel

Chris Babel is CEO of TrustArc. He has led the company through significant growth and transformation into a leading global privacy compliance and risk management company. Before joining TrustArc, Chris spent over a decade building online trust, most recently in the security industry as Senior Vice President and General Manager of VeriSign’s worldwide authentication services business. He holds a B.A. in Mathematical Methods in the Social Sciences and Economics with Highest Distinction from Northwestern University.  

Related Posts

gdpr

UK Resurrects Data Protection Reforms, EU Court Rules on GDPR in Civil Cases

by Jonathan Armstrong and André Bywater
March 15, 2023

Recent courtroom and legislative action in Europe will likely have ripple effects around the world for companies subject to regulations...

eu flag

Preparing Your Company for the Latest GDPR Data Transfer Developments & Upcoming Deadlines

by Kevin L. Coy
November 30, 2022

An EU court decision and legislative moves in the U.S. and UK make compliance with privacy regulations increasingly difficult. Arnall...

minidata_b

Honey, I Shrunk the Data: How to Keep Customer Info on a Need-to-Know Basis

by Parker Poe
November 30, 2022

It may be tempting to hoard the data you have gathered on your customers, but an increasing number of regulations...

uk ico data access

UK’s Data Protection Regulator Signals Crackdown on Access Request Violations

by Jonathan Armstrong and André Bywater
October 5, 2022

Data privacy laws in the EU and UK established the right of individuals to find out what personal information organizations...

Next Post
judge's gavel on keyboard

TrustArc Privacy Profile Simplifies Cross-Regulation Compliance for GDPR, CCPA, HIPAA and Other Global Privacy and Security Regulations

Compliance Job Interview Q&A

Jump to a Topic

AML Anti-Bribery Anti-Corruption Artificial Intelligence (AI) Automation Banking Board of Directors Board Risk Oversight Business Continuity Planning California Consumer Privacy Act (CCPA) Code of Conduct Communications Management Corporate Culture COVID-19 Cryptocurrency Culture of Ethics Cybercrime Cyber Risk Data Analytics Data Breach Data Governance DOJ Download Due Diligence Enterprise Risk Management (ERM) ESG FCPA Enforcement Actions Financial Crime Financial Crimes Enforcement Network (FinCEN) GDPR HIPAA Know Your Customer (KYC) Machine Learning Monitoring RegTech Reputation Risk Risk Assessment SEC Social Media Risk Supply Chain Technology Third Party Risk Management Tone at the Top Training Whistleblowing
No Result
View All Result

Privacy Policy

Founded in 2010, CCI is the web’s premier global independent news source for compliance, ethics, risk and information security. 

Got a news tip? Get in touch. Want a weekly round-up in your inbox? Sign up for free. No subscription fees, no paywalls. 

Follow Us

Browse Topics:

  • CCI Press
  • Compliance
  • Compliance Podcasts
  • Cybersecurity
  • Data Privacy
  • eBooks Published by CCI
  • Ethics
  • FCPA
  • Featured
  • Financial Services
  • Fraud
  • Governance
  • GRC Vendor News
  • HR Compliance
  • Internal Audit
  • Leadership and Career
  • On Demand Webinars
  • Opinion
  • Resource Library
  • Risk
  • Uncategorized
  • Videos
  • Webinars
  • Well-Being
  • Whitepapers

© 2022 Corporate Compliance Insights

No Result
View All Result
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Career Connection
  • Events
    • Calendar
    • Submit an Event
  • Library
    • Whitepapers & Reports
    • eBooks
    • CCI Press & Compliance Bookshelf
  • Podcasts
  • Videos
  • Subscribe

© 2022 Corporate Compliance Insights

Welcome to CCI. This site uses cookies. Please click OK to accept. Privacy Policy
Cookie settingsACCEPT
Manage consent

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.
CookieDurationDescription
cookielawinfo-checbox-analytics11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checbox-functional11 monthsThe cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checbox-others11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-necessary11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-performance11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy11 monthsThe cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.
Functional
Functional cookies help to perform certain functionalities like sharing the content of the website on social media platforms, collect feedbacks, and other third-party features.
Performance
Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.
Analytics
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, traffic source, etc.
Advertisement
Advertisement cookies are used to provide visitors with relevant ads and marketing campaigns. These cookies track visitors across websites and collect information to provide customized ads.
Others
Other uncategorized cookies are those that are being analyzed and have not been classified into a category as yet.
SAVE & ACCEPT