Customer Data Protection Act, CA-SB1386

Overview
nextlabs-customer-data-protection-act-ca-sb-1386-compliance-solution
Resources

  • Identify personal data and protect it against unauthorized disclosure and loss.
  • Manage entitlements to limit users' data access based on their need-to-know.
  • Establish information barriers to ensure that information is limited to its disclosed purposes, and communicated only for its intended purpose, by intended persons, in intended locations, and during intended times.
  • Prevent the export of personal information to third parties or affiliates, if customers did not provide approval for such distribution.
  • Enforce persistent privacy policies upon customers' personal information when the information is distributed to business partners, agents, affiliates, and contractors.

 

Identify, control, and audit the flow of consumer personal information, to ensure confidentiality and demonstrate privacy law compliance

Like numerous privacy laws in other states, California's Information Practices Act (SB 1386), requires companies and government agencies that store personal information about California residents to protect this data. When this information has been potentially exposed, organizations must notify all affected residents about the potential breach.

Personal information includes an individual or individual's name in combination with Social security number, driver’s license number or California identification card number, account number, credit or debit card number, security code, access code or password (PIN) that permits access to an account, or medical information.

Companies failing to deploy information security procedures or disclose potential breaches face liability from class action suits, as well as irreversible brand damage.

 

Customer Data Protection Compliance Applications

NextLabs' solution is a set of applications which include a comprehensive set of pre-built policy libraries and pre-built reports to provide an enterprise-wide protection of the consumer identity and personal information.  Policy sets can be easily customized to the environment or used as templates to create new policies. The Solution can:

  • Identify personal data and protect it against unauthorized disclosure and loss.
  • Prevent accidental destruction of personal information, and securely destroy personal data when required.
  • Identify documents containing personal information, and alert users about current policies and procedures for handling it properly.
  • Manage entitlements to limit users' data access based on their need-to-know.
  • Automate information handling to prevent loss and reduce procedural errors.
  • Establish information barriers to ensure that information is limited to its disclosed purposes, and communicated only for its intended purpose, by intended persons, in intended locations, and during intended times.
  • Prevent the export of personal information to third parties or affiliates, if customers did not provide approval for such distribution.
  • Enforce persistent privacy policies upon customers' personal information when the information is distributed to business partners, agents, affiliates, and contractors.
  • Report on any potential information risks, and discover gaps in compliance with personal data protection regulations.
 
Datasheet-Information-Risk-Management-Compliance-Enterprise-DLP
White-Paper-Information-Risk-Management-Compliance-Enterprise-Entitlement-Management-Authorizations-Access-Control
White-Paper-Information-Risk-Management-Compliance-Information-Governance-for-Microsoft-SharePoint
Pre-Recorded-Webinar-Information-Risk-Management-Compliance-Insider-Endpoint-Data-Loss-Prevention