KuppingerCole Report
Leadership Brief
By Mike Small

Six Key Actions to Prepare for CCPA

From January 1st, 2020, when the California Consumer Privacy Act (CCPA) came into force, the requirements for managing personal data have changed. This report identifies six key actions that IT needs to take to prepare for compliance.

Content of Figures

  1. Figure 1 Privacy and Security

1 Executive Summary

From January 1st, 2020, when the California Consumer Privacy Act (CCPA) came into force, the requirements for managing the personal data of Californ ...

Login Get full Access

2 Analysis

Around the world governments are introducing laws and regulations governing the collection and use of PII. In Europe GDPR (General Data Protection Re ...

The first and foremost challenge that most organizations face is finding the PII that they already hold. This data may be fragmented across multiple ...

Once the PII data is found and its flows are understood, it is necessary to consider how well this meets the GDPR requirements. The data held must be ...

The right to erasure is also an area where work may need to be done. With some technologies, it may not be practical to completely erase data. A cas ...

Login Get full Access

3 Recommendations

The six key recommendations concerning what you need to do to ensure that your organization is compliant are:

  1. Discover the PII data: the first an ...
Login Get full Access


©2021 KuppingerCole Analysts AG all rights reserved. Reproduction and distribution of this publication in any form is forbidden unless prior written permission. All conclusions, recommendations and predictions in this document represent KuppingerCole´s initial view. Through gathering more information and performing deep analysis, positions presented in this document will be subject to refinements or even major changes. KuppingerCole disclaim all warranties as to the completeness, accuracy and/or adequacy of this information. Even if KuppingerCole research documents may discuss legal issues related to information security and technology, KuppingerCole do not provide any legal services or advice and its publications shall not be used as such. KuppingerCole shall have no liability for errors or inadequacies in the information contained in this document. Any opinion expressed may be subject to change without notice. All product and company names are trademarks™ or registered® trademarks of their respective holders. Use of them does not imply any affiliation with or endorsement by them.

KuppingerCole Analysts support IT professionals with outstanding expertise in defining IT strategies and in relevant decision-making processes. As a leading analyst ompany, KuppingerCole provides first-hand vendor-neutral information. Our services allow you to feel comfortable and secure in taking decisions essential to your business.

KuppingerCole, founded in 2004, is a global, independent analyst organization headquartered in Europe. We specialize in providing vendor-neutral advice, expertise, thought leadership, and practical relevance in Cybersecurity, Digital Identity & IAM (Identity and Access Management), Cloud Risk and Security, and Artificial Intelligence, as well as for all technologies fostering Digital Transformation. We support companies, corporate users, integrators and software manufacturers in meeting both tactical and strategic challenges and make better decisions for the success of their business. Maintaining a balance between immediate implementation and long-term viability is at the heart of our philosophy.

For further information, please contact clients@kuppingercole.com.