Understanding and addressing CCPA Compliance

CCPAAB-375, California’s new privacy law is now live, having come into effect on January 1st 2020. The CCPA allows anyone who resides in the state to access and obtain copies of data that companies may store on/about them with the right to delete the data as well as opting out of companies selling or monetizing their data.

Companies are required to comply with the CCPA if they comply with any of the following:

(i) They have gross revenues over $25M

(ii) They are a for-profit company that does business in Calfornia and collect the information of more than 50,000 consumers, devices or households.

(iii) 50% of their income is derived from selling personal information.

Storage Made Easy already has a wealth of experience with the European equivalent of CCPA, the GDPR, with its software solution, the Enterprise File Fabric.

Unlike the GDPR the CCPA doesn’t require companies to go through steps such as data collection consent, having a valid reason to collect user information, or requires companies to minimize data collected, although one has to feel that this may come in future revisions.

The File Fabric is a multi-cloud solution, a key requirement for addressing all unstructured data sources that a company may have. Simply put it works with data and files that are off-cloud as well as on-cloud, and if you are evaluating vendors to help with GDPR and CCPA its key to ensure that they can work with all of your data sources.

The File Fabric provides CCPA specific functionality such as providing a mechanism to understand ‘who’ is accessing data, ‘when’, and ‘how’.

When connected to the File Fabric data content is indexed so that it can be checked for PII / PHI which can then be flagged and quarantined until it can be dealt with. Of course not all organizations are created equal in terms of the data that they deal with so the File Fabric’s PII / PHI discovery can  also  be easily tuned to address specific organization requirements enabling companies  to find  any personal data residing inside of content on-cloud or on-premises filers / NAS / SAN. This is a real-time process not a done time discovery so its continuous.

The File Fabric is also used by many global service providers, including many in the United States, so we have made sure that the polices and provisions that users have to agree and adhered with regards to  the CCPA are built into the service provider edition of our solution.

In summary if a company does business in California, or Europe, then it will  need to comply with the CCPA or the GDPR and the File Fabric is a multi-cloud software solution that has the necessary features built in to aid protection of unstructured data.`

If you want to find out more or would like a demo, then please contact us.

Facebooktwitterredditpinterestlinkedinmailby feather
The following two tabs change content below.
The Leading Enterprise File Fabric