With the fall semester in full swing, college students aren’t the only ones with homework to do. Higher education institutions in Maryland must comply with the state’s new privacy law, Maryland Code Title 10, Subtitle 13A, as of Oct. 1.
CCPA/CPRA
Even with the introduction of many new state privacy laws over recent years, the California Consumer Privacy Act (CCPA) and its evolved version, the California Privacy Rights Act, (CPRA) remain two of the most important, complex, and wide-reaching regulations to date. Even if your organization is not based in California, you may need to comply with this legislation.
Zaviant’s team of experts has guided some of the largest companies in the nation through the intricacies of CCPA and CPRA, and we are here to help.
CCPA/CPRA Expertise
CCPA/CPRA Audits and Assessments
Opt-Out Requests
DSARs Management
Data Mapping for CCPA/CPRA Compliance
Virtual Data Privacy Officer (vDPO)
CCPA Compliance as a Service
Trusted by Leaders of Industry
Our team of expert consultants works closely with Fortune 500 companies, mid-market businesses, and not-for-profit organizations spanning industries including retail, manufacturing, finance, technology, and more.
What is CCPA/CPRA?
Enacted into law in 2018, the California Consumer Privacy Act (CCPA) went into effect in 2020. Then, a few years later on January 1, 2023, the CPRA went into effect, building upon the foundation set by the CCPA (in other words, the CCPA was an earlier version of the CPRA). Today, most people reference these two laws interchangeably; however, the new CPRA created the California Privacy Protection Agency (CPPA), expanded the right of consumers to opt out of the sale of their personal data, created a second category of sensitive data, and required businesses to minimize data collection, conduct privacy assessments, and more.
Why Is Complying With CCPA/CPRA Important?
Complying with CCPA/CPRA helps foster trust and consumer loyalty by demonstrating your organization’s commitment to safeguarding data in an era of heightened privacy concerns. Furthermore, CPRA’s broad scope and impact beyond California means that compliance is necessary for both companies headquartered within and outside the state. To add to this, unlike other US state privacy laws, two authorities can enforce the CCPA—the California Attorney General and the California Privacy Protection Agency (CPPA). Therefore, if your organization violates this law, either authority can enforce it.
Finally, individual citizens can sue under the CCPA if their personal account access information is affected in a data breach, exposing your organization to additional liability.
Foster Trust And Loyalty
With heightened privacy concerns, consumers want to feel confident that their data is in good hands.
Develop Robust Privacy Measures
CCPA/CPRA is one of the most comprehensive US state privacy laws to date. Complying will provide your organization with a solid privacy foundation.
Avoid Fines
CCPA/CPRA is enforced by the California Privacy Protection Agency (CPPA) and even allows individuals to sue (private right of action). Compliance is the only way to avoid exposure to financial risks.
A Compendium for Obtaining & Retaining Cyber Insurance
It goes without saying, robust cybersecurity and data privacy measures are a necessity for doing business in this day and age. Without either, an organization’s defenses are left to luck and hope – maybe an adversary will never take notice of the wide-open gaps in your network? (The odds are not in your favor).
How Zaviant Can Help
Zaviant serves as a trusted CCPA/CPRA compliance partner for some of the nation’s largest companies. We can help your organization:
Conduct CCPA/CPA compliance audits and assessments
Become fully CCPA/CPRA compliant
Honor consent and opt-out requests
Manage consumer and employee DSARs and respond quickly
Manage third party vendors in line with CCPA/CPRA standards
Conduct data mapping for CCPA/CPRA compliance
Related Services
GDPR
The General Data Protection Regulation, also known as GDPR, is a data privacy law enacted by the European Union (EU) in 2018.
ISO 27001/2
As organizations continue to navigate the complexities of an increasingly interconnected digital world,.
NIST CSF
In 2013, the National Institute of Standards and Technology (NIST) added a Cybersecurity Framework, known as NIST CSF.