Reporting may be one of the most challenging aspects of the California Consumer Privacy Act (CCPA). The recent draft regulations from the California Attorney General introduces reporting requirements that companies must account for during process development for the CCPA.
Among the regulations include the requirement for a complete report of metrics from the previous calendar year for the different categories of data requests including total number of requests, deletions, and opt-outs. Additionally, a company must report on the median number of days it took to respond to requests to know, delete and opt-out.
This introduces unique challenges from a manual perspective. In order to produce these reports within the required timeframes some companies should consider using some form of automation.
As reference, this is the excerpt from the CCPA draft regulations:
Let’s dive deeper on what reporting for CCPA could look like, as an example this report dashboard shows the proper metrics as required by the CCPA. The metrics shown here aren’t all required, but they will aid in your team’s productivity and understanding of the volumes and types of requests coming through your organization.