CCPA Data Compliance with Streamdal

We're updating our documentation, so the presented info might not be the most recent.
Beta

The data compliance features of Streamdal are currently in beta, and being tested with a select group of contributors, companies, and design partners. If you would like to participate in the beta, please reach out to us.

The California Consumer Privacy Act (CCPA) demands strict data protection standards. Streamdal can help you navigate the data requirements of this regulation efficiently.

Streamdal’s Approach

With Streamdal’s data compliance features, you can:

Data Minimization: Establish robust rules to ensure data processing is in line with CCPA requirements.

Monitoring and Alerts on real-time data: Receive real-time alerts on potential data breaches or violations.

For example, you could set up alerts for a sudden change in data flow rate, spikes in logging activity, or sudden influx of data validation errors.

Timely Response to Requests: The combination of the open source and data governance Streamdal components will enable you to easily comply with customer data requests within the timeframe mandated by CCPA.

Coming Soon: A visual guide on setting up CCPA-specific rules in the Console UI.

Regulatory Insights

We wanted to make researching the relevant data regulations easier and give a better idea of where Streamdal could be the most impactful for your organization. In most cases, the combination of the observability and data governance capabilities will ensure successful compliance.

While more sections should be applicable, below are a few taken from the CCPA1 text with how Streamdal can help with data compliance:

§ SectionsHow Streamdal helps comply
§ 7002 (a)-(1)(2): Restrictions on the Collection and Use of Personal Information.The Streamdal SDK can enforce rules on consumers and producers to reject or alert on data if it contains more personal data than what is necessary, ensuring data minimization.
§ 7021:
Timelines for Responding to Requests to Delete, Requests to Correct, and Requests to Know.
Streamdal can greatly assist with the timeliness of these requests in two ways:

  1. The Console UI can visually indicate which producers and consumers are handling PII, and this information can be used to map their end systems, helping reduce discovery time.

  2. Rules can be set up to strip, restrict, obfuscate, and mask data, as well as rules on time fields, helping enforce data policies around retention, transmission, and consumption of PI/PI. This can greatly reduce the time spent servicing these requests.
§ 7027 (g):
Requests to Limit Use and Disclosure of Sensitive Personal Information.
For the same reasons listed in the above two cells, Streamdal can help limit the use and disclosure of sensitive PI/PII.
Information

Did you know:

CCPA requirements on the timeliness for responding to requests to delete, requests to correct, and requests to know are no later than 10 business days.

Safeguard consumer privacy and ensure you’re CCPA compliant with Streamdal.


Footnotes

  1. California Privacy Protection Agency. (2023). California Consumer Privacy Act regulations. In TITLE 11. LAW, DIVISION 6. CALIFORNIA PRIVACY PROTECTION AGENCY, CHAPTER 1 (§ 7002 (a)-(1)(2), § 7021, § 7027). https://cppa.ca.gov/regulations/pdf/cppa_regs.pdf

    In November 2020, California voters passed Proposition 24, the California Privacy Rights Act (“CPRA”). The CPRA amends and extends the California Consumer Privacy Act of 2018 (“CCPA”). To implement the law, the CPRA established the California Privacy Protection Agency (“Agency”) and vested it with the full administrative power, authority and jurisdiction to implement and enforce the California Consumer Privacy Act of 2018. The Agency’s responsibilities include updating existing regulations, and adopting new regulations.