California Consumer Privacy Act

The California Consumer Privacy Act (CCPA) is one of the most comprehensive data-protection laws ever to be proposed in the United States. Are you ready?

{ Banner Photo }



Companies that do business in California, collect personal information about California residents, and meet other statutory requirements may be subject to the CCPA. These businesses likely will have to significantly change the way that they collect, use, and share personal information.

BRG experts and professionals address the CCPA by focusing on a holistic 360-degree approach to data privacy, data security, and information governance. Our mission is to help you implement a robust CCPA preparedness initiative by creating an engaged workforce rooted in proven governance procedures and robust information security.


Identify Data Inventory and Mapping

The critical first step involves knowing where collected personal information exists within your organization and understanding how personal information is being used and whether it may be sold to third parties. This may include creation of a:

  • Data map
  • Records retention schedule
  • Data classification matrix

Put It in Writing

It is important to update documentation to address CCPA requirements. Documentation may include:

  • Policies and procedures
  • Privacy notices
  • Consent forms and logs
  • Data processing agreements
  • Incident response playbook

Create Your Data-Handling Playbook

Data owners and handlers of personal information will need to understand their responsibilities and be familiar with the new policies and procedures, including:

  • Personal information-handling procedures
  • Interactive (LMS) training
  • Quick-reference guides
  • Remediation/minimization/de-identification

Grow Culture and Awareness

You should engage employees with a uniquely interactive and appealing approach, including:

  • Awareness Campaign
  • Branding, logos, and taglines
  • Ongoing communication plan
  • Gamification

News & Insights