Skip to main content

Financial Services

Getting Started with California Consumer Privacy Act Compliance

Nearshore Agile Teams

Compliance with the CCPA requires robust processes for identifying, governing, distributing, and securing consumer personal information.

The first steps are to document the current usage of this information:

  • Data inventory: Generate lists of personal data related to clients, investors, employees, counter parties, prospects and other entities.
  • Data recipients: Compile a list of entities, such as administrators, custodians, transfer agents, investment managers, and other service providers.
  • Data policies: Review current policies to process, retain and delete data.
  • IT security: Assess information security and data protection mechanisms from a business and technical perspective.
  • Third-party compliance: Review and conduct gap analysis of third-party provider data security policies

After the initial assessment is complete, financial institutions will be in a position to:

  • Confirm what personal data they hold and for what purpose
  • Understand whether there is a strong legal basis for holding this data
  • Modify business processes that do not comply with the CCPA
  • Develop revised policies and procedures
  • Reinforce data governance, distribution, and protection mechanisms
  • Ensure third-party providers are in compliance

We recently published a guide examining the California Consumer Privacy Act of 2018, and the steps any financial institution must take in its response to the new law to evaluate its exposure and current state of readiness. You can download the guide below.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Nilanjan Sen, Director, Financial Services, Perficient

Nilanjan Sen, asset management lead in Perficient’s financial services practice, joined the company in 2013 via the acquisition of ForwardThink Group. His areas of focus include data management, business intelligence, operational systems, and investment research and analytics. Nilanjan has over 20 years of experience in corporate and consulting roles. Prior to Perficient, he was VP of IT services at asset management firm AllianceBernstein.

More from this Author

Follow Us