CCPA Compliant File Sharing
FileCloud Offers Features to Comply with CCPAGet Free Trial → Payment details are not required
How CCPA (California Consumer Protection Act) will Impact Businesses
Why CCPA Matters?
Under CCPA, residents and employees of California can now request deletion of personal details, opt out of the sale of personal information, know whether their personal information was disclosed or sold, and find out which categories of their personal details have been collected.
CCPA Personal Information
According to the CCPA, personal information broadly includes various categories that identify a
person indirectly, such as aliases, social security numbers, search and Internet browsing history, credit card information, unique personal identifiers, geo location data, email addresses, and others.
Impact on Businesses
California permits businesses to offer financial incentives to users who share personal data. Like GDPR, CCPA helps companies offer a reasonable protection level for personal information. Businesses now need to request permission before collecting customer information and explain how they plan on using the same.
What is CCPA and why it matters?
From January 1, 2020 a new data privacy law will come into effect that will provide guidelines to the businesses and companies about the collection and use of personal data of the Californian residents. CCPA stands for California consumer protection act and is a comprehensive general data privacy law that the state of California enacted in response to growing public concern over the abuse of personal data. The law emphasis the increased role of personal data in the business and the privacy implications in terms of its collection, usage, and protection of personal data. The law aims to protect the right to privacy of the residents of California.
CCPA applies to personal data that is:
- Provided directly by users in online forms
- Collected by tracking tools and related technologies
Under CCPA, residents and employees of California can now:
- Request deletion of personal data, option to know whether their data is sold or disclosed, and to find out which categories of the personal details have been collected by the companies
- Receive equal benefits and service, even when residents are exercising privacy rights
- Personal data broadly includes categories that identify the person indirectly such as aliases, social security numbers, browsing history, credit card information, personal identifiers, geo-location data, e-mail addresses, and others.
CCPA empowers the residents of California with the right to:
- Know what personal data is collected by companies.
- Know if their personal information is being sold or disclosed
- Know with whom their personal information is being shared
- Deny the sharing of their information
- Access their personal information
Impact of CCPA on the business:
CCPA applies to any for-profit concern that does business in California and collects personal data of the Californian residents. Companies must now take stock of what constitutes private data so that they remain compliant with the guidelines of the CCPA. The CCPA law covers every company with gross revenues of at least US$25 million that collects personal information from 50,000 or more Californian users per year and generates more than half of its revenues by selling the personal information of the residents. California permits businesses to offer financial incentives to the users who share personal data, but they need to opt-in for the same beforehand. Businesses now need to explain how they plan to use customer information and request permission before collecting and processing data. This ensures that companies set security measures for the CCPA compliant file sharing services that they offer.
Try FileCloud Today!
Sign up for a 14 day FREE trial, no strings attached.
CCPA requires that all users provide explicit consent to track personally identifiable information (PII). FileCloud offers privacy settings to ask for explicit consent from users while accessing, viewing or downloading files from FileCloud.
Right To Be Forgotten (Anonymization)
CCPA provides that users may request the deletion or anonymization of any data companies possess relating to them. FileCloud allows administrators to delete or anonymize all user data, including any traces in FileCloud access logs.
Right To Access
Right To Access: CCPA provides that users may request access to any information companies possess relating to them.
FileCloud offers data residency, allowing customers to select the region of their choice for storing and processing data. Offers 100% flexibility where to store and process data. Can be deployed private or hybrid cloud on an infrastructure that customers control.
Privacy By Design
CCPA requires companies to provide privacy, regardless of technological implementation or design. FileCloud is built on open standards and is designed to offer the flexibility of deployment on private, public, or hybrid clouds.
Data is encrypted at rest using AES 256-bit encryption and during transit.
Granular Access Control
You can set granular permissions over access, file and folder permissions for each user. Furthermore, you can restrict features to ensure only the intended users can access, sync and share the data.
Total Visibility and Control
Offers complete audit trails, and detailed reporting on all file transfer and sharing activities. Admin dashboard shows all the devices accessing the files in real time.
Greater Cost to Small Businesses:
CCPA ignores the requirements of different industries, and thus hurriedly excluded numerous small companies. As the current definition of business stands, the CCPA law is likely to affect most small businesses adversely. While 50,000 users each day don’t ring a bell in your ear but if you can foresee in hindsight it comes up to 150 users per day which is not a huge number considering the population of the US.
Due to the confusing definitions surrounding this act, the CCPA is going to sweep in a lot more business than expected. A lot of small businesses will fail to gather the funds necessary to pay off the expenses related to the new law and must choose between complying with the new law or exit the market. The majority of small businesses interconnect with larger or other small companies to recover their profits. Unfortunately, only a couple of businesses can be considered CCPA compliant now. Many have yet to begin the compliance process while most are in different stages.
Common Questions About CCPA:
Is CCPA a copy of GDPR?
No. GDPR has a far wider scope in its operation. Just because you are compliant with GDPR doesn’t necessarily mean you comply with CCPA. Although GDPR and CCPA share many common features, you still need to meet specific requirements concerning the sale of personal data.
Does CCPA apply to SME businesses?
Small or big business is irrelevant to the CCPA. It is not focused on the size of your business, but whether it meets certain criteria as mentioned above.
What is personal data according to CCPA?
CCPA defines personal data as any information that identifies, relates to, describes, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household. Personal data broadly includes categories that identify the person indirectly such as aliases, social security numbers, browsing history, credit card information, personal identifiers, geo-location data, e-mail addresses, and others. Publicly available information is not a subset of personal data according to CCPA.
Ways in which users can contact you regarding their personal information?
CCPA grants the right to the user to know about the personal data you have collected from them; they can request changes to the information, move it somewhere else, or delete it. At a minimum, you have to provide a web address to your website and a toll-free telephone number.
Have you prepared data maps of California residents?
Data map, or data inventory, is a process of figuring out what type of information you collect, why you do it, where it is held, with whom it is shared, how it is transferred to third party vendors and other questions related to the data collection and use of data regularly. It is not required by the CCPA, but it is a good practice that minimizes the risks associated with the user’s data.
Is FileCloud CCPA compliant?
FileCloud cloud services provide you with CCPA compliant file sharing services that are not only compliant with the guidelines of CCPA but also come with advanced infrastructure to protect consumer data by using the latest technology in its operation.
Positive impact of CCPA:
A lot of businesses still need to get ready to meet the CCPA deadline. Streamlining the data collection process by a company, along with the storage and processing methods can go a long way in making the system more efficient. If your business has to know what must be done for its IT systems to meet the requirements of CCPA, FileCloud is your best bet.
Apart from risk assessment and review, FileCloud also assesses your existing data protection methods and policies. This helps you implement long-term security and privacy plan. Filecloud offers a fully CCPA compliant file sharing cloud ecosystem that is both secure and comes with the latest encryption technology to protect customer’s data.
5 steps that businesses and Companies must undertake to prepare them to stay CCPA compliant:
• Conduct a privacy assessment and document data processing activities for the data collected, disclosed or sold
• Review security tools and plans to minimize the risk of a data breach and impending fines
• Identify all the impacted stakeholders including marketing, IT, business development, and product development teams
• Review if you need to make any changes to databases, systems, or even vendors to comply with the law
• Evaluate the current processes and see if they needed an upgrade