Companies show slow positive movement toward CCPA and CPRA compliance
BOSTON —Cytrio released its sixth “State of CCPA & CPRA Privacy Rights Compliance” report to understand how well U.S. companies have improved their preparedness over the last five quarters for meeting California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA) compliance requirements related to Data Subject Access Requests (DSAR). Cytrio examined 600 of the previously researched 11,000-plus mid to large companies with revenues from $25 million to more than $5 billion. The results identified 6.67% of companies that were using manual processes in the first quarter (Q1) of 2022 moved to compliance automation solutions by Q2 2023, while 14.67% of noncompliant companies moved to either automated and manual compliance solutions.
“While the lack of active enforcement in the data privacy space seems to be resulting in slow movement toward compliance, our research shows that companies have in fact moved up the CCPA/CPRA compliance maturity curve from Q1 2022 to Q2 2023,” said Vijay Basani, founder and CEO of Cytrio. “More changes are coming in data privacy compliance, including employees’ right to exercise data privacy in the expansive CPRA and active enforcement, which began on July 1, 2023, which requires companies to deploy an effective and scalable CCPA/CPRA solution.”