CCPA RESOURCES CENTER › CCPA COMPLIANCE CHECKLIST

CCPA Compliance: Staying Compliant Checklist

Staying CCPA Compliant

Though most of the work takes place at the front end, it is important for businesses to keep their CCPA compliance up to date as time passes. Besides responding to privacy requests as they come in, this means performing a few maintenance tasks on a quarterly and annual basis.

Quarterly CCPA Maintenance

  • Check privacy inbox for outstanding consumer requests

    It’s also a good idea to review how long it is taking for staff to respond to requests.

  • Make sure all questions and concerns from the privacy inbox have been answered

    Even if they are not formal privacy requests, these are messages that should still be answered.

  • Confirm business is complying with past opt-out requests

    Businesses must wait at least 12 months before asking a consumer to opt in again.

  • Ensure that new employees handling privacy requests have received CCPA training

    The Complete CCPA Guide is a great introduction to the data privacy law.

  • Add or remove vendors from the data map

    This is likely the most difficult task. You must review contracts with any new vendors to determine whether they qualify as CCPA service providers.

Annual CCPA Maintenance

  • Review data map and make any necessary changes

    Your business’s data practices will likely change over time. At least once a year, make sure the data map is still accurate.

  • Update privacy policy to reflect changes to data map

    The CCPA requires businesses to review their privacy policy annually. If the data map is kept up to date, this should be a simple process.

  • Point-of-Collection Audit

    Check whether you are collecting personal information at any new points.

    • Add privacy policy links as necessary
  • Review request-handling instructions

    Make sure requests are being handled in a compliant manner. Also look for any areas that can be improved.

  • Refresh privacy documents as needed

    Service providers’ data privacy agreements (DPAs) may have been updated. Make sure you have the most current versions on file.

  • Check for any changes to the data privacy law and compliance landscape

    Subscribe to a data privacy newsletter for the latest developments with the CCPA and other laws.

Streamlined CCPA Maintenance

Onboarding new vendors and staying up to date on changes to privacy laws can be time-consuming. With TrueVault Polaris, these maintenance tasks are easy to cross off the list so you can get back to your regular job. Our CCPA experts stay current on the latest developments in the law as well as changes to vendors’ data privacy agreements, and integrate these changes into our compliance automation tools.

Contact our team to learn how TrueVault Polaris can help your business get CCPA compliant and stay that way.

Schedule Call