The new California Consumer Privacy Act (CCPA), which entered into force on January 1, 2020, gives individuals the right to learn about the personal data collected and shared about them over the past 12 months, and requires companies to not only provide timely responses to Data Subject Requests (DSRs), but to also have a process in place to ensure they're providing personal data to the correct person.
Identity verification must be the very first step in every organization's DSR workflow, and the sure-fire way to make this first step as safe and simple as possible is to choose a verification mechanism that produces a high level of assurance. Without proper identity proofing, organizations end up doing the exact opposite of what these new global privacy regulations were intended to achieve.
In this white paper, we'll discuss:
- The primary differences between DSR obligations outlined in the GDPR and the impending CCPA laws
- Provide tips and best practices for incorporating identity verification
- Help companies avoid both fraud and legal ramifications for noncompliance