This article is contributed. See the original author and article here.

Are you prepared for the California Consumer Privacy Act enforcement? 

 

At Microsoft, we believe that privacy is a basic human right. We are committed to ensuring the privacy of your organization, both through our contractual agreements and by providing user control and transparency. Continuing to support our commitment to privacy, we extended the core data privacy rights granted under the General Data Protection Regulation (GDPR) to all of our customers. Similarly, we extended the core California Consumer Privacy Act (CCPA) rights to all customers in United States.  

 

Under CCPA, consumers are granted robust data privacy rights and control over their personal information, including the right to know, the right to delete, and the right to opt-out of the sale of personal information that businesses collect, with additional protections for minors[1]. CCPA went into effect January 1st, 2020 and will be enforced starting July 1st 2020. Businesses that have consumers in California could be significantly impacted by CCPA, as it is the most comprehensive consumer data privacy act in the United States.

 

This blog shows how Microsoft can help you improve your compliance with CCPA.

 

Translating regulations into assessments

We translated privacy-focused regulations such as CCPA, that are often complex, into simple step-by-step instructions and made that guidance available as assessments through Microsoft Compliance Score. Microsoft Compliance Score maps regulatory controls to recommended actions and provides guidance to implement controls and capabilities (e.g. retention and sensitivity labels).

 

Microsoft-Compliance-Score-1a.pngMicrosoft Compliance Score dashboard in the Microsoft 365 compliance center

 

Understanding, assessing, and remediating technical, operational, and privacy controls pro-actively

You can use the CCPA assessment in Microsoft Compliance Score to understand actions that Microsoft takes on your behalf and actions that you should take on privacy notices, Data Subject Requests, processing and disclosing personal data, and obtaining consent. The CCPA assessment in Microsoft Compliance Score provides 37 improvement actions to help you on your CCPA compliance journey. By following the assessment recommendations and implementing the recommended controls, you can take a proactive role in getting ahead of CCPA and other compliance requirements.

 

Microsoft-Compliance-Score-2a.pngImprovement actions view for CCPA assessment in Microsoft Compliance Score

 

To further support you on your data privacy journey, Microsoft Compliance Score provides several privacy-specific assessments such as GDPR, ISO 27701, Brazil Lei Geral de Proteção de Dados (LGPD), and SOC 1 Type 2 and SOC 2 Type 2. 

 

You can access Microsoft Compliance Score in public preview in the Microsoft 365 compliance center (compliance.microsoft.com). You can also explore our technical documentation to learn how to add these assessments onto your dashboard today.

 

Learn more

  • Attend this webinar hosted by Microsoft and Perkins Coie to learn about practical post-enforcement guidance and how Microsoft is preparing for enforcement with its own solutions
  • Read about Microsoft’s approach to CCPA in this blog by Julie Brill, Microsoft Chief Privacy Officer
  • Read this documentation on CCPA

 

[1] https://oag.ca.gov/privacy/ccpa

 

 

 

 

 

 

 

Brought to you by Dr. Ware, Microsoft Office 365 Silver Partner, Charleston SC.