OneTrust for CCPA
OneTrust for CCPA
Effective January 1, 2020, the California Consumer Privacy Act (CCPA) introduces new data privacy rights for California residents – forcing companies that conduct business in the state of California to implement structural changes to their privacy programs.
OneTrust helps organizations of all sizes simplify time to CCPA
compliance with a purpose-built suite of technology solutions and professional services. With OneTrust, your organization can pinpoint where personal data resides and how it is used, streamline your ability to manage and respond to consumer rights and opt-out or Do Not Sell requests.
Complete Solution to Implement the CCPA
CCPA Research & Readiness
Become a CCPA expert with research portals and prepare to report to your board with CCPA maturity & planning and program benchmarking tools.
CCPA Privacy Management Software
Operationalize and automate CCPA requirements across opt-out of sale, consumer rights, and privacy governance operations.
CCPA Professional Services
Get help planning and implementing the CCPA with a CCPA readiness check up, and our implementation and validation services.
CCPA Global User Community
Collaborate with industry peers on best practices on implementing the CCPA at free PrivacyConnect workshops, and in customer advisory boards.
CCPA Research and Readiness
Become a CCPA Expert and Report to Your Board
CCPA Research Portal & Amendment Tracker
CCPA Research Portal & Amendment Tracker
Use OneTrust DataGuidance to access a centralized repository of CCPA resources that includes the full CCPA text, summaries, comprehensive guides, and regulatory guidance, as well as a CCPA amendment tracker. OneTrust DataGuidance is continually updated by the OneTrust global research team and includes latest amendments, news, and guidance.
Generate Your CCPA Readiness Report & Answer Key Questions from Your Board
Generate Your CCPA Readiness Report & Answer Key Questions from Your Board
With the OneTrust Maturity & Planning and Program Benchmarking tools, leverage a research-backed CCPA readiness and planning assessment to assess your organization’s CCPA gaps and assess remediation recommendations to minimize risks. Opt-in to share your readiness and benchmark your program against 300+ other organizations.
CCPA Consumer Rights & Opt-Out of Sale Solutions
Engage and Respond to Consumer Requests
OneTrust Consumer Rights & Targeted Data Discovery Technology
Intake & Fulfill Opt-Out of Sale &
Consumer Requests
The CCPA stipulates a 45-day response timeline for consumer rights requests. OneTrust Consumer Rights Management fully automates this process from intake to fulfillment utilizing Targeted Data Discovery technology. Leverage CCPA-specific response workflows to help your organization respond to requests appropriately, and with built-in exception handling, reduce unnecessary work, ensuring you meet CCPA compliance deadlines.
OneTrust Website & Mobile App Cookie Compliance
Enable Opt-Out of Sale Requests
Personal information under the CCPA is broadly defined and includes internet or other electronic network activity information, unique identifiers (which include cookies), and information regarding a consumer’s interaction with a website, application, or advertisement. OneTrust offers default cookie banners that reflect CCPA-specific messaging. Using geolocation, OneTrust can display different cookie banners with different consent models depending on the website visitor’s location and can be customized to include a “Do Not Sell My Personal Information” link.
OneTrust Consent & Preference Management
Track Verifiable Consent to Avoid Unauthorized Sale of Consumer Data
Under the CCPA, the right to opt out of the sale of personal information extends beyond the consumer to include devices and households. Via OneTrust, track do not sell requests by consumers, devices, and households.
OneTrust Policy & Notice Management
Centralize & Distribute Privacy Disclosures
Under the CCPA, privacy policies must be reviewed and updated at least every 12 months. The OneTrust Policy & Notice Management tool enables your organization to easily update, centralize, and distribute policies, notices, and disclosures across all web and mobile properties from a single platform. Update privacy notices to include consumers rights under the CCPA and direct consumers to a Consumer Rights intake form. Use OneTrust to ensure privacy notices include the categories of information collected, sold, and disclosed, or explicitly state if no personal information is sold.
CCPA Privacy Governance Solutions
Map Data Flows for Ongoing Compliance
OneTrust Data Mapping & Inventory
Map Data Flows & Meet ‘Look Back’ Requirement
OneTrust Data Inventory & Mapping technology is a core asset for those seeking to prepare for the CCPA. CCPA-specific data elements built into OneTrust help your organization track key attributes when mapping data for CCPA compliance. Additionally, leverage bulk importing capabilities to attach CCPA-specific data elements to existing data.
OneTrust Assessment Automation
Distribute CCPA-based PIAs & PbD Assessments
Assessments are core to the development of every comprehensive privacy program. OneTrust Assessment Automation offers updated, CCPA-specific PIAs to adhere to data minimization and purpose limitation considerations outlined under the CCPA. With Assessment Automation, take advantage of automated CCPA-specific risk flagging and research-backed remediation recommendations.
OneTrust Incident & Breach Response
Meet California Breach Notification Rules
Taking a proactive approach to incident and breach response, regardless of which data breach notification or privacy laws apply, helps decrease risks and other potential negative impacts should a breach occur. OneTrust Incident & Breach Response enables your organization to analyze incidents with a built-in, California Data Breach Notification assessment template. With customizable workflows, streamline response and quickly remedy a violation within the CCPA’s 30-day cure period.
OneTrust Vendor Risk Management
Assess Vendors & Navigate CCPA ’Cure Periods’
Leverage OneTrust Vendor Risk Management to communicate with third-party vendors to meet consumer requests for data access and deletion. Additionally, generate visuals to map vendors and data flows state by state and around the world.
CCPA Professional Services
Get Help Planning & Implementing the CCPA