Financial Advisory Blog

Armanino’s Financial Advisory blog is your source for thought leadership around cloud ERP and accounting solutions and integrations. Supported by the Cloud Accounting Institute and numerous experts in cloud, finance, reporting, integration, compliance, and technology, Armanino’s Financial Advisory blog features must-read content on what’s happening in the finance industry, case studies, white papers, and much more.

July 16, 2019

Is CCPA Making Sense of Unstructured Data?

Posted by Pippa Akem

Is the California Consumer Privacy Act (CCPA) forcing your organization to create structure for your unstructured data? Beginning with a full inventory of the personal data companies house, the CCPA puts companies on the path to not only knowing what data they have collected, but also fully understanding and recording how they use or share that information.

While we understand that most transactions and engagements today involve a greater exchange of personal information than in the past, the need to have a valid reason for collecting this data should be closely scrutinized by the companies collecting it. When you think about it, a secondary benefit of the CCPA is that it will help companies define their focus by zeroing in on the quality of the data a company has – and not just the volume of information it gathers. (The General Data Protection Regulation, GDPR, is having a similar impact.)

If your company’s data operation includes processing unstructured data, you are likely challenged both by how to create structure for the data you must maintain and by how to dispose of the “extra stuff.” It’s obvious you cannot address the full spectrum of your organization’s privacy risks if you don’t fully understand  the information you currently house.  

We encourage you to view the new requirements as an opportunity to take control of the true data your company requires to do business — and put in place transparent processes that allow you to meet your compliance obligations and close trust gaps.

The CCPA and similar laws  are mushrooming across the country and expose where privacy regulation is headed, with many states inclined to give consumers greater control over their personal information. The takeaway from the flurry of activities is that companies should not delay their compliance preparations. Instead, they should begin to draw up their roadmap for how they plan to respond to consumers’ privacy rights given their business practices.

With varying priorities and strategies for tackling privacy requirements, given that no business is exactly alike, there are still baseline rules to go by. Start with knowing what is done with the personal information that your organization has collected, document a business purpose, and identify the source of the information and who has access to it.  Do not delay — when will you have time to structure your unstructured data if not now?

For more information on Armanino’s data privacy, inventory and mapping solutions visit Risk Assurance & Advisory Privacy Services.


COMMENTS

comments powered by Disqus
« | »