This guide distills the California Consumer Privacy Act (CCPA) into discrete phases to help a business achieve and then maintain compliance. The guide is designed for professionals across a wide range of functions who will be impacted by the CCPA. As with all regulatory matters, please consult with your legal team to ensure your plans are consistent with internal guidelines and requirements. If you have questions on any information in this guide, or want to get an update on emerging CCPA news, please contact a TrustArc representative.
This new regulation applies to all for-profit businesses that collect and control the personal information of California residents, do business in the state of California, and either (a) earn $25,000,000 a year in revenue, (b) buy or sell 50,000 consumer records each year, or (c) derive at least 50% of their annual revenue by selling the personal information. All businesses that meet these conditions must comply, whether they are located in California, a different state or even a different country.
Please note that these materials are intended for general and educational purposes only, and they do not constitute legal advice. Your specific CCPA obligations depend on multiple factors that cannot be captured within a simplified checklist.
Modern cyber threats such as data breaches and attacks can have significant productivity and financial effects on the business, ranging from unexpected system downtime and business interruption to system damage and data loss.
ClearDATA is the market leader for healthcare cloud computing and information security services for providers, life sciences, payers and healthcare technology organizations.
The role of privacy officer is one that is growing in importance, partly due to legislation such as the EU General Data Protection Regulation (GDPR) that stipulates the nomination of a privacy officer role with accountability specifically for data privacy.
Many enterprises rely on third-party vendors to help facilitate the delivery of products and services to their customers. However, these relationships come with risk. Data privacy must be a top priority in these relationships.
Europe’s GDPR is widely-discussed in today’s news cycles and for good reason. The regulation impacts many organizations throughout the world, and violations of the regulation can result in material fines. One big question remains for many businesses, how do third-party services fit into this new regulation and what can organizations do to protect themselves from third-party risks to meet the standards?
In Forrester’s evaluation of the emerging market for cybersecurity risk rating solutions, we identified the nine most significant providers in the category — Bitsight, Fico, iTrust, Normshield, Panorays, Prevalent, Riskrecon, SecurityScorecard, and upGuard — and evaluated them. This report details our findings about how well each vendor scored against 10 criteria and where they stand in relation to each other.
This report (re)uses the same data set behind the Internet Risk Surface Report. It is derived from RiskRecon’s work in providing companies objective visibility into their third-party cybersecurity risk. For each organization analyzed, RiskRecon trains machine learning algorithms to discover internet facing systems, domains, and networks. For every asset discovered, RiskRecon analyzes the publicly accessible content, code, and configurations to assess system security and the inherent risk value of the system based on attributes such as observable data types collected and transaction capabilities. RiskRecon provided Cyentia a large anonymized sample of their production data set for this research.
In this white paper, learn more about why cybercriminals prioritize data hacking for financial gain, how your company can protect itself from a breach, and how data minimization practices can reduce the risks of cyber attacks and save you money.
The members of the Better Identity Coalition came together to create a set of consensus, cross-sector, technology agnostic policy recommendations for improving identity in America.