On January 1st, 2023, the California Privacy Rights Act (CPRA) will go into effect, expanding on the current CCPA. As a result, companies will be faced with requirements related to managing risks, similar to that of GDPR.
To guarantee compliance, the CPRA will require all organizations to fill out and readily have available completed Privacy Impact Assessments (PIA) that clearly identify and mitigate risk to the business, stakeholders, and the public. Unlike GDPR, these PIAs must be conducted, updated, and submitted regularly.
Join the TrustArc privacy experts on this webinar as they help you prepare for the new CPRA requirements.
This webinar will review:
- Next Steps in CRPA
- Requirements for PIAs relative to CPRA
- Similarities/differences between CPRA and GDPR requirements
- How privacy software can save you resources in achieving CPRA compliance
2. 2
Speakers
Chris Griggs
Product Marketing Manager,
TrustArc
Paul Iagnocco
Customer Enablement Lead and
Senior Privacy Consultant,
TrustArc
Joanne Furtsch
Director, Privacy Intelligence
Development,
TrustArc
3. 3
What Are Privacy Impact Assessments And Why Are They Important?
Exploring CPRA And its Context in the World of Privacy
Why You Need to Systematize Your PIA Process
Question Period
Agenda
6. 6
6
Ahh Yes! More Privacy Acronyms
CCPA
California
Consumer Privacy Act
of 2018
California State Law –
Legislative Action
Intended to enhance
privacy rights and
consumer protection for
residents of California
January 1, 2020 – July 1, 2023
CPRA
California
Privacy Rights Act
of 2020
California State
Referendum – Voter Action
CCPA amendment that
addresses issues and gaps
created by initial CCPA
January 1, 2023
CPPA
California Privacy
Protection Agency
California State
Referendum – Voter Action
5-Member Agency charged
with enforcement of
California privacy rights –
First state enforcement
agency of its kind in US
January 1, 2023
What does it
stand for?
Origins
Effective
Intent
7. 7
Introducing CPRA and its Context in the World
What Is CPRA?
PIAs: GDPR Versus CPRA
The Future of Privacy:
CCPA and beyond!
Why the Sephora Ruling is
Important
8. 8
8
Business Alert – Expanded Coverage
ONLY
Consumer personal data
Consumer personal data
+
Employee personal data
+
Business to Business personal data
TODAY TOMORROW
9. 9
Introducing CPRA and its Context in the World
What Is CPRA?
Focus on PIAs:
GDPR Versus CPRA
The Future of Privacy:
CCPA and beyond!
Why the Sephora Ruling is
Important
10. 10
Introducing CPRA and its Context in the World
What Is CPRA?
Focus on PIAs:
GDPR Versus CPRA
The Future of Privacy:
CCPA and beyond!
Why the Sephora Ruling is
Important
*Please read TrustArc’s blog for more information on the Sephora Case:
“Sephora Settlement and Enforcement Examples Provide Insight into CCPA Compliance”
11. 11
“I hope today’s settlement
($1.2MM fine against Sephora)
sends a strong message to
businesses that are still failing
to comply with California’s
consumer privacy law (CCPA).
My office is watching, AND
we will hold you accountable.”
- California Attorney General, Rob Bonta
12. 12
Introducing CPRA and its Context in the World
What Is CPRA?
Focus on PIAs:
GDPR Versus CCPA/CPRA
The Future of Privacy:
CCPA and beyond!
Why the Sephora Ruling is
Important
15. 15
What are PIAs and Why are They Important?
Data Inventory: The Foundation
for PIAs
What are Privacy Impact
Assessments?
Prioritizing & Filling Out a PIA
16. 16
What Are PIAs and Why Are They Important?
Data Inventory: The Foundation
for PIAs
What are Privacy Impact
Assessments?
Prioritizing & Filling Out a PIA
17. 17
What Are PIAs and Why Are They Important?
Data Inventory: The Foundation
for PIAs
What are Privacy Impact
Assessments?
Prioritizing & Filling Out a PIA
24. 24
Thank You!
See http://www.trustarc.com/insightseries
for the 2022 Privacy Insight Series and past
webinar recordings.
If you would like to learn more about how TrustArc can support
you with compliance, please reach out to sales@trustarc.com
for a free demo.