CCPA RESOURCES CENTER › CCPA COMPLIANCE CHECKLIST
CCPA Compliance: Staying Compliant Checklist
Staying CCPA Compliant
Though most of the work takes place at the front end, it is important for businesses to keep their CCPA compliance up to date as time passes. Besides responding to privacy requests as they come in, this means performing a few maintenance tasks on a quarterly and annual basis.
Quarterly CCPA Maintenance
- Check privacy inbox for outstanding consumer requests
It’s also a good idea to review how long it is taking for staff to respond to requests.
- Make sure all questions and concerns from the privacy inbox have been answered
Even if they are not formal privacy requests, these are messages that should still be answered.
- Confirm business is complying with past opt-out requests
Businesses must wait at least 12 months before asking a consumer to opt in again.
- Ensure that new employees handling privacy requests have received CCPA training
The Complete CCPA Guide is a great introduction to the data privacy law.
- Add or remove vendors from the data map
This is likely the most difficult task. You must review contracts with any new vendors to determine whether they qualify as CCPA service providers.
Annual CCPA Maintenance
- Review data map and make any necessary changes
Your business’s data practices will likely change over time. At least once a year, make sure the data map is still accurate.
- Update privacy policy to reflect changes to data map
The CCPA requires businesses to review their privacy policy annually. If the data map is kept up to date, this should be a simple process.
- Point-of-Collection Audit
Check whether you are collecting personal information at any new points.
- Add privacy policy links as necessary
- Review request-handling instructions
Make sure requests are being handled in a compliant manner. Also look for any areas that can be improved.
- Refresh privacy documents as needed
Service providers’ data privacy agreements (DPAs) may have been updated. Make sure you have the most current versions on file.
- Check for any changes to the data privacy law and compliance landscape
Subscribe to a data privacy newsletter for the latest developments with the CCPA and other laws.
Streamlined CCPA Maintenance
Onboarding new vendors and staying up to date on changes to privacy laws can be time-consuming. With TrueVault, these maintenance tasks are easy to cross off the list so you can get back to your regular job. Our CCPA experts stay current on the latest developments in the law as well as changes to vendors’ data privacy agreements, and integrate these changes into our compliance automation tools.
Contact our team to learn how TrueVault can help your business get CCPA compliant and stay that way.
Disclaimer: This content is provided for general informational purposes only and does not constitute legal or other professional advice. Without limiting the foregoing, the content may not reflect recent developments in the law, may not be complete, and may not be accurate or relevant in an applicable jurisdiction. This content is not a substitute for obtaining legal advice from a qualified licensed attorney in the applicable jurisdiction. The content is general in nature and may not pertain to specific circumstances, so it should not be used to act or refrain from acting based on it without first obtaining advice from professional counsel qualified in the applicable subject matter and jurisdictions.