TrustArc Blog

Webinar Recap: Managing CCPA and GDPR Individual Rights and DSAR Compliance

February 01, 2019

As part of the TrustArc Privacy Insight Series, TrustArc Senior Privacy Consultants Vanessa Stout and K Royal presented “Managing CCPA and GDPR Individual Rights and DSAR Compliance”.  This blog post will give a brief summary of that webinar; you can listen to the entire webinar and download the slides here.

In this webinar, Vanessa and K spoke on the upcoming California Consumer Privacy Act (CCPA) and how this new regulation is set to be the toughest privacy law in the United States and will impact any business who has consumers / customers or employees located in California, regardless of where the business is based. Failure to comply with the CCPA could result in fines, sanctions, loss of goodwill, among other negative consequences.  

The speakers gave an in-depth explanation on data subject access rights (DSAR) / individual rights under both the GDPR and CCPA, managing individual rights, and building an implementation plan. The GDPR and CCPA both require a mechanism for fielding a broad scope of data subject access requests, timely responding to requests, and keeping an audit trail should be part of an individual rights program. The chart below illustrates how many of these requests companies had received after the GDPR compliance deadline, which can give companies a rough idea of how many DSAR’s they may expect to receive:

Source:  IAPP / TrustArc Measuring Privacy Operations Benchmark Report (December 2018)

While there are many different areas of accountability under the CCPA and GDPR, Vanessa and K focused on how to address these three areas of individual rights management: access; data portability; and deletion. The speakers offered valuable tips on individual request intake, identity verification, workflow management and reporting. Vanessa and K wrapped up the webinar by answering attendee questions on documenting / responding to deletion requests, the CCPA “look back” requirement, and the CCPA enforcement deadline.

To learn more about individual rights management best practices, watch the on-demand Privacy Insight Series webinar here. Registration is now open for the next webinar in the Privacy Insight Series: “Managing Risk & Easing the Pain of Vendor Management.”

The TrustArc Privacy Insight Series is a set of live webinars featuring renowned speakers presenting cutting edge research, tips, and tools. Events are free and feature informative discussions, case studies and practical solutions to today’s tough privacy challenges. Over 21,000 privacy professionals registered for our events in 2018!