Demo Support
English
Speak with an Expert
Header Background Shapes Blue

Fast-Track CCPA Data Governance with the Semarchy Data Platform

February 1, 2019

The California Consumer Privacy Act (CCPA) heralds a new era of consumer privacy rights, compelling organizations to overhaul their data management practices. This blog post explores the intricacies of CCPA data governance, exploring its implications for businesses and consumers alike.

About the California Consumer Privacy Act (CCPA)

The California Consumer Privacy Act (CCPA), was enacted in 2018 and went into effect on January 1, 2020. This landmark piece of legislation secures new privacy rights for California consumers relating to the access to, deletion of, and sharing of personal information that is collected by businesses. 

The CCPA grants new rights to California’s consumers

  • The right to know what personal information is collected, used, shared or sold, both as to the categories and specific pieces of personal information.
  • The right to delete personal information held by businesses and by extension, a business’ service provider.
  • The right to opt out of sale of personal information; consumers are able to direct a business that sells personal information to stop selling that information. Children under the age of 16 must provide opt-in consent, with a parent or guardian consenting for children under 13.
  • The right to non-discrimination in terms of price or service when a consumer exercises a privacy right under CCPA.

The CCPA imposes new data governance obligations on businesses

  • Provide notice to consumers at or before data collection.
  • Create procedures to respond to requests from consumers to opt out, know, and delete.
  • Respond to requests from consumers to know, delete, and opt out within specific timeframes.
  • Verify the identity of consumers who make requests to know and to delete, whether or not the consumer maintains a password-protected account with the business.
  • Disclose financial incentives offered in exchange for the retention or sale of a consumer’s personal information and explain how they calculate the value of the personal information.
  • Maintain records of requests and how they responded for 24 months in order to demonstrate their compliance.

Semarchy: Repurposing GDPR initiatives for CCPA data governance and compliance

The Semarchy Data Platform is the key data governance and  master data management solution required to fully understand your customers, what data you have about them, and how they interact with your organization. 

This cutting-edge technology includes capabilities for data management, data governance, discovery, and data catalogingall of which are essential pillars of regulatory compliance. Furthermore, Semarchy has specific capabilities aimed at simplifying your compliance journey for CCPA and GDPR:

1. Instantly access all data pertaining to a customer

    Enable data subjects to authenticate via web or call center to access and view their data. Mastering customer data in Semarchy is straightforward, with easy interoperability for standard database and integration systems.

    Ad Banner - Which MDM Solution Is Right For You?

    2. Empower staff to accept and execute requests

    Allow DPOs, data owners, or data stewards to accept requests with intuitive workflows, and act upon them with Semarchy as the central point of coordination and consolidation for the required actions.

    3. Confirm all erasure requests throughout all the data sources

    Ad Banner - Manage Your Diverse Data With Ease

    Harmonize and confirm erasure requests by connecting all relevant data sources to Semarchy and empowering the implementation of delete requests for a single system. Full lineage, traceability, and auditability are maintained while complying with the requirement to eliminate personal data.

    4. Obtain and export data from all systems with a single request

    Empower data subjects to obtain and export all relevant details from systems across the enterprise with a single request from Semarchy.

    Learn more about building an effective GDPR and CCPA data governance solution with a Proof of Value from Semarchy; understand benefits, ROI, milestones, and an implementation timeline in under two weeks.

    Get Your Proof of Value

    CCPA data governance goes beyond IT

    The far-flung scope of where data can live means complying with CCPA is not limited to IT. Businesses cannot simply rely on addressing the issue of CCPA by applying an IT strategy.

    Business teams and front-line staff must have access to this system. Businesses will benefit greatly from implementing ongoing data governance to ensure regulatory compliance and risk reduction. 

    By bringing several data sets together and creating a single database repository that incorporates data matching and is easily accessed by internal stakeholders (not just IT), businesses will be able to tackle CCPA data governance challenges efficiently.