CCPA Deletion Request

The CCPA gives consumers the right to request that businesses delete personal information that the business has collected from the consumer. This workflow keeps deletion requests on-stream, auditable, and ready for public consumption.

Challenge

Create a public-facing workflow that seamlessly gathers information for a customer through Accounting, HR, and/or Finance. Ensure ease-of-use for the end user while keeping everything aligned and audited internally.

Solution

  • Workflow, including specification of stakeholders and notifications, is completely customizable.
  • Forms can be built in TAP with embedded business logic, dropdown fields and other features, customizable by type of personal information or other specifics.
  • Easy-to-use online self-service forms allow public users to submit requests for deletion of personal data.
  • Once submitted, requests are automatically routed to proper stakeholders/managers for review.
  • Internal SLAs and formal requests for extension can be built into the form.
  • Approval or denial notifications can be automatically generated and sent to requesters and/or contractors.

Benefits

  • “Privacy By Design” ensures that companies are compliant without need of additional management or manpower.
  • Diverse teams can complete their due diligence work-streams in parallel, and are also given opportunities for collaboration.
  • Intakes are submitted, processed, and screened with far greater speed and minimized errors, delays and costs.
  • Forms are branded to have the same look and feel as the company website for the best end user experience.
  • Central dashboard provides superior monitoring and governance of all sourcing processes.
  • Automatic centralized archiving of workflow data and assets provides for detailed recordkeeping and review.

ROI

Showing up for data privacy isn’t just a good way to show consumers that you care. Failure to do so gets expensive: If you’ve failed to delete a personal data record when requested, or it’s sold without the person’s permission, or leaked, the minimum fine is $2,500 per record. The fine escalates the longer it takes to fix the issue, too. If it’s determined that a breach was due to a known issue you ignored, the fine can automatically shoot up to its cap of $7,500 per record. Multiply this times the number of records that might be involved and you can see how noncompliance can get ruinously costly.