With about eight months to go, 44% haven’t even begun the implementation process.
The findings from Dimensional Research and TrustArc echo the GDPR readiness of organizations eight months before that law was to go into effect. The deadline for compliance with CCPA is January 1, 2020.
California, Here We Come
The CCPA will give California-based consumers similar data protections that EU-based individuals now enjoy under GDPR. These include the right to know what data is being collected and how it’s being used, the right to refuse the sale of such data, and the right to delete such data.
The law, based on an opt-out consent model as opposed to GDPR’s op-in requirement, will impact any business, large and small, that collects data on California-based customers.
Once implemented, CCPA will be the toughest privacy law in the country.
Is History Repeating Itself?
Will organizations straighten up their act in time? Not if GDPR taught us anything.
In fact, according to a recent IT Governance report, 71% of EU-based organizations are still struggling to fully comply with GDPR. This leaves them vulnerable to major fines (as much as 4% of global revenue) and other damages related to erosion of customer trust and reputation.
Regulations That Actually Help Businesses
But that’s not all. As Waterline Data founder and CTO Alex Gorelik wrote in an article about companies struggling with GDPR compliance, complying with these regulations shouldn’t just be a defensive maneuver. Getting your data house in order brings big, long-term benefits. Not only are you cutting down on wasteful data sprawl and non-compliant data consumption, you’re improving the analytics health of your enterprise.
The organizations that will remain competitive tomorrow aren’t just looking to meet CCPA, GDPR and other regulatory requirements today. They’re leveraging compliance with these laws as a starting point for deriving more value from their data. This allows them to move from a defensive approach to data to bold revenue-generating and cost-saving offense.
Penalties aside, complying with CCPA is a competitive imperative.
Data Cataloging for Data Governance
Here’s where Waterline Data can help. With our GDPR Data Management Solution, businesses can discover, govern and quickly report on any California, GDPR or other regulated data.
Typical data governance tools can tell you what kinds of data should be considered sensitive. The problem is, they assume you already know where the data resides.
There are other tools that can be deployed at the data security and storage level, and they’re very good at helping you lock down sensitive data. But these tools suffer from the same problem. They don’t tell you where regulated data is located, where the data came from or where it’s going or how to identify, report and control new regulated data is it comes in.
Waterline Data provides the only solution that directly addresses the challenges presented by the growing number of data privacy laws with software that automatically discovers regulated data, generates reports on the status of your compliant and non-compliant data, and makes it easy to secure your data.
Check out our white paper on data governance to learn more.