August 18, 2021 2:00-2:30 PM ET
The California Privacy Rights Act (CPRA) comes into effect on January 1, 2023. Among its new requirements is a new data retention provision. Personal and sensitive information must be disposed of when its purpose has been fulfilled, and the organization must disclose the retention policy at the time of collection. Additionally, the data retention policies apply to data collected on or after January 1, 2022. Under CPRA, companies can no longer simply hold individuals’ personal data forever; they must have robust data retention and disposal practices.
Every organization has data retention policies, but very few actually operationalize them. CPRA shines a light on these practices and holds organizations accountable for them. The regulation also establishes a new enforcement agency, which indicates increasingly vigorous enforcement as CPRA goes into effect. Data breach risks are also heightened, as litigators can easily show negligence when data is kept beyond its retention period.
- What the CPRA means for your client’s organization
- Why updating your client’s Data Retention program will help you generate revenue
- How technology can help you create CPRA compliance in just 60 days for your clients
Robert Fowler, CIPP-US, Director of Strategic Partnerships and Rebecca Perry, CIPP US/G, Director of Strategic Partnerships at Exterro.com