The California Consumer Privacy Act (CCPA) Raises Risks with a Tight Timeline

NOW

JULY 2019

California's Consumer Privacy Act (CCPA) impacts a sweeping range of industries, companies and organizations. The stakes are high - legally, financially, and reputationally. 

For 2019, Jordan Lawrence has updated three products to specifically meet the explicit, implicit, and practical requirements of the CCPA. 

Our solutions are cost effective, efficient, and more legally defensible than any viable alternative.  Static Excel spreadsheets, Visio files, and empty-shell software solutions simply don't work.

 

Compliance efforts will never be sufficient or defensible for companies relying on manual approaches, empty-shell software, or limited technologies that don’t provide the level of diligence necessary to protect your company’s legal and financial position.

  • Expensive

  • Time-Consuming

  • Disruptive

  • Not Sustainable

  • Free Form Surveys

  • Resource-Intensive

  • Lack Standards

  • Not Defensible

  • Extensive Implementation

  • Expensive

  • Limited Reach

  • No  "Unicorns"

It will be impossible to comply with CCPA without accurate and up-to-date inventories of all personal data that is collected, stored, and processed - internally or by service providers or third parties. This inventory must be centralized and fully maintainable. 

ALSO REQUIRED BY: 

Effective & Defensible

Efficient & Sustainable

  • Built directly from the regulations and 30 years of experience

  • Cover all business processes and personal data categories 

  • Address all data sources - including paper and third parties

  • Respond compliantly to all data access requests 

  • Produce solid, defensible, and effective deliverables 

  • Developed in 30 days 

  • No limits to scope

  • Easy to update and maintain 

  • No spreadsheets or Visio diagrams

  • Fully supported by experienced professionals 

 

Any information retained, especially legacy information, is available for a criminal breach, is subject to data access requests, and is subject to discovery and production demands in forthcoming litigation. 

ALSO REQUIRED BY: 

Effective & Defensible

Efficient & Sustainable

  • Proven retention standards for the most sensitive personal data categories

  • Requirements built from the regulations and 30 years of experience 

  • Complete and practical processes for defensible data minimization

  • Repel data deletion requests 

  • Reduce legal and regulatory risks 

  • Developed and implemented in 60 days 

  • No limits in scope

  • Centralized program management

  • Annual program review and updates

  • Fully supported by experienced professionals 

 

Under the CCPA, you have a duty to manage the sharing of personal data with third parties and service providers, and to exercise the appropriate level of diligence. Most legal teams don't have full perspective on all their third-party and service provider relationships. Effective compliance requires companies to identify service providers and third parties and have a detailed understanding of the specific types of personal data shared, processed or managed by each vendor. 

ALSO REQUIRED BY: 

Effective & Defensible

Efficient & Sustainable

  • Integrated risk profile frameworks built directly from the regulations

  • Identify all vendors accessing, processeing, or storing personal data 

  • Surface vendors that pose a high level of risk 

  • Develop an accurate inventory of third parties

  • Fully document your diligence and compliance 

  • Completed in 30 days

  • No limits in scope

  • Supports in-depth risk assessments of your vendors' data protection practices 

  • Centralized and automated to enable ongoing compliance

  • Preset heatmapping to prioritize and focus efforts on the greatest risks 

  • Fully supported by experienced professionals 

 

Client Login

Company

Contact Us

© 2019 Jordan Lawrence. No legal representation made.

Jordan Lawrence is not a law firm and does not provide legal advice.