Adaptive Learning
CCPA and CPRA for Organizations
Course Preview
At a glance
California takes privacy seriously. Laws like the California Consumer Privacy Act (CCPA), and amendments such as the California Privacy Rights Act (CPRA) establish strict requirements regarding how organizations collect, use and disclose personal information. They also grant consumers specific rights to access and control that information.
CCPA and CPRA for Organizations prepares employees for compliance by defining key terms such as “consumer,” “personal information” and “sensitive personal information,” and lays out best practices for the collection, use and processing of personal information. It provides guidance on selling and sharing personal information, as well as protecting it. Employees will also learn how to handle consumer rights requests, including access and deletion.
Privacy rights are serious, and violations can be costly. Knowing how to navigate California privacy law is the first step to prevention and protection.
Course Details
All Learners
Key concepts covered in this course:
- Definitions of consumer, personal information and sensitive personal information
- Guidelines for proper collection of personal information
- Key questions to ask when processing or using personal information
- The definition of and differences between selling and sharing personal information
- Monitoring third parties to ensure they follow the organization’s policy and the law
- Notification of third parties when a consumer makes a request
- Providing proper notice to consumers
- The right to access
- The right of deletion (erasure)
- The right to correction
- The right to opt out of selling and sharing
- The right to non-discrimination for exercising rights
- Handling requests appropriately
- Careful storage of personal information
- Following records management policy
- Technology best practices
- Guidelines for handling actual or suspected data incidents
- The responsibility to help protect personal information and consumer rights
- The importance of following policy and the law
- A reminder to report data incidents and misuse
- An opportunity to review key policies and certify