A Step-By-Step Guide to

California Consumer Privacy

Act (CCPA) Compliance
 Table of Contents

1. What are the CCPA regulations?

Why is the CCPA essential? 2.

Who and what falls under the purview

3.
of the CCPA?
How is BizProspex compliant with the
4.
CCPA regulations?

5. How the CCPA compares to GDPR?

What are the CCPA regulations?
The California Consumer Privacy Act of 2018 (CCPA)
gives consumers more control over the personal
information that businesses collect about them and the
CCPA regulations provide guidance on how to implement
the law. This landmark law secures new privacy rights for
California consumers, including:

● The right to know about the personal information a

business collects about them and how it is used and
shared;
● The right to delete personal information collected
from them (with some exceptions);
● The right to opt-out of the sale of their personal
The regulations went into effect on August 14, 2020.
information; and
Additional amendments to the regulations went into
● The right to non-discrimination for exercising their
effect on March 15, 2021.
CCPA rights.
Why is the CCPA essential?

For California residents who exercise these rights, the CCPA

specifies a non-discrimination clause, meaning that everyone
is accessible to the same services and price, regardless of
whether they allow organizations to sell their data or not.

Intended to enhance consumer protection and data privacy

rights, The CCPA’s goal is to equip consumers with increased
knowledge of what happens with their personal data. It aims
to provide data transparency and accountability, allowing
consumers to see their digital footprint and prevent the
selling of their personal information.
Who and what falls under the purview
of the CCPA?
Personal information (under the CCPA regulations) is
information that identifies, relates to, or could reasonably
be linked with you or your household and which is not in
the public domain. For example, it could include your The CCPA seeks to protect California residents from
name, social security number, personal email address, the risks of unauthorized disclosure of personal
records of products purchased, internet browsing history, information including
Only California residents have rights under the CCPA. A California resident is a identity theft, destruction
natural person (as opposedofto a
geolocation data, or
corporation fingerprints, and inferences
other business entity) whofrom other
resides property
in California, evenand reputational
if the person is damage.In
temporarilyaddition,
outside of the
personal information that could create a profile about your
state. organizations that must follow CCPA compliance are
preferences and characteristics. also required to maintain reasonable security practices
in order to protect consumer data.
Under the CCPA, only publicly available data is not
considered personal information.

3/11
Expected CCPA (California Consumer Privacy Act) compliance of companies in
the United States according to security professionals in 2020

Source Statista

4/11
California Consumer Privacy Act (CCPA) compliance among companies in the United
States as of 2nd quarter 2022, by company size

Source Statista

5/11
How the CCPA compares to GDPR?

Source Deloitte

6/11
4 reasons why only 11% of companies are fully compliant with the CCPA.
CYTRIO, a leading data privacy software company in the US recently released numbers- 5,175 U.S. companies with
revenues ranging from $25 million to more than $5 billion and released the findings in the State of CCPA Compliance: Q1
2022 report.

1. CCPA is a complex regulation to decipher and implement

CCPA is a complex regulation that applies to any company 1) over $25 million in revenue that is conducting business in
California, 2) generating more than 50% of revenue through the sale of personal information, or 3) collecting more than 50,000
pieces of information from California citizens. To keep track of the regulation requirements and associated changes is a
complex task for companies. About 60% of companies with 10,000+ employees researched have deployed an automated data
rights management solution to avoid these high costs.

2. Companies are in a holding pattern

Due to the slow pace of enforcement, many companies slowed the process of implementing CCPA/CPRA compliance
solutions. Some companies implemented a difficult to use manual process with email or web forms to enable consumers to
exercise their rights under CCPA. However, 44% of companies that will need to comply did not deploy any solution at all –
automated or manual.

7/11
3. Many companies are not seeing the large number data requests (YET!)

Some companies are using manual processes to address DSAR compliance, and one reason is they aren’t yet seeing a lot
of data requests. However, data requests will increase several fold as consumers become more aware of their data
privacy rights from continued data breaches and fines associated with non-compliance. Under GDPR, it took almost two
years before the first set of fines were announced, and there has been a massive increase in the number of fines over the
last two years. In 2021, total fines imposed under the GDPR hit more than $1.2 billion.

4. 1st Gen data rights management solutions are complex to deploy

First generation CCPA privacy rights management automation solutions are complex and cumbersome to deploy. In fact,
according to G2, the average reported implementation time for data privacy management software is three months; the
longest implementation is reported at just over five months. This has contributed to a low adoption rate. However, as
next-generation solutions become available that are less complex and easier and faster to deploy, like CYTRIO’s privacy
rights management, adoption will certainly increase.

8/11
How is BizProspex compliant with the CCPA regulations?
BizProspex, being the leading services provider in the BizProspex, being the leading services provider in the
business, understands the requirements and business, understands the requirements and
responsibilities of delivering legitimate and accurate responsibilities of delivering legitimate and accurate
data. We stand out as global leaders when it comes to
data. We stand out as global leaders when it comes to
CRM cleaning, Data appending, Data mining, Tech
CRM cleaning, Data appending, Data mining, Tech install, Data Merging and Data Deduping for B2B
install, Data Merging and Data Deduping for B2B clients. We aim at supplying our clients with public data
clients. We aim at supplying our clients with public data scraping of the highest quality to boost your sales
scraping of the highest quality to boost your sales numbers. At BizProspex, we focus on becoming the
numbers. At BizProspex, we focus on becoming the partner your organization needs to survive, and in the
long run, thrive.
partner your organization needs to survive, and in the
long run, thrive.

9/11
However, we take necessary steps to ensure that the Our privacy policies (that are mentioned on the
CCPA requirements are seamlessly met with, website) clearly state how the data for processing is
collected, how it is processed, who in our team can be
● By conducting an assessment of the data contacted regarding data storage and processing. As a
protection risks associated with any new project CCPA-compliant enterprise its our responsibility to
and initiating a plan to mitigate those risks. ensure that-
● By assessing and implementing the CCPA ● Informing people of a data breach.
compliance to existing or pre-dated data ● Absolutely honoring requests that personal
protection plans. information not be sold.
● By initiating and executing an immediate ● Avoiding discrimination against individuals who
mitigation plan to address any gaps or risks exercise CCPA rights.
posed in delivering our data services.

We claim the highest standards of work ethics with utmost obedience to laws that we are subject to.
All the pre-scraped public data that we collect and process is done so with the contractual consent
of our customers under the purview of CCPA guidelines. At BizProspex our compliance and audit
experts work tirelessly to make sure all the right compliance controls are in place when it comes to
data.

10/11
Partner with us to benefit with the highest-quality and CCPA
compliant data services. Contact us to know more.

https://www.BizProspex.com/

murtaza@bizprospex.com

11/11