Are you prepared for the California Consumer Privacy Act enforcement?
At Microsoft, we believe that privacy is a basic human right. We are committed to ensuring the privacy of your organization, both through our contractual agreements and by providing user control and transparency. Continuing to support our commitment to privacy, we extended the core data privacy rights granted under the General Data Protection Regulation (GDPR) to all of our customers. Similarly, we extended the core California Consumer Privacy Act (CCPA) rights to all customers in United States.
Under CCPA, consumers are granted robust data privacy rights and control over their personal information, including the right to know, the right to delete, and the right to opt-out of the sale of personal information that businesses collect, with additional protections for minors. CCPA went into effect January 1st, 2020 and will be enforced starting July 1st 2020. Businesses that have consumers in California could be significantly impacted by CCPA, as it is the most comprehensive consumer data privacy act in the United States.
This blog shows how Microsoft can help you improve your compliance with CCPA.
Translating regulations into assessments
We translated privacy-focused regulations such as CCPA, that are often complex, into simple step-by-step instructions and made that guidance available as assessments through Microsoft Compliance Score. Microsoft Compliance Score maps regulatory controls to recommended actions and provides guidance to implement controls and capabilities (e.g. retention and sensitivity labels).
Microsoft Compliance Score dashboard in the Microsoft 365 compliance center
Understanding, assessing, and remediating technical, operational, and privacy controls pro-actively
You can use the CCPA assessment in Microsoft Compliance Score to understand actions that Microsoft takes on your behalf and actions that you should take on privacy notices, Data Subject Requests, processing and disclosing personal data, and obtaining consent. The CCPA assessment in Microsoft Compliance Score provides 37 improvement actions to help you on your CCPA compliance journey. By following the assessment recommendations and implementing the recommended controls, you can take a proactive role in getting ahead of CCPA and other compliance requirements.
Improvement actions view for CCPA assessment in Microsoft Compliance Score
To further support you on your data privacy journey, Microsoft Compliance Score provides several privacy-specific assessments such as GDPR, ISO 27701, Brazil Lei Geral de Proteção de Dados (LGPD), and SOC 1 Type 2 and SOC 2 Type 2.