Enabling the CPRA module
- To enable the module by navigating to Settings > Privacy > Modules. (If you've already been using the CCPA module, it will be enabled for you by default.)
- Navigate to Settings > Privacy > Profile to respond to a few new questions about your organization. This information will help us provide you with CPRA-specific recommendations.
Understanding CPRA-specific taxonomy attributes
With the CPRA module enabled, your default taxonomies will be updated with a few new attributes:
- Data types will have an attribute called CA Breach, referring to the sorts of data that, if compromised, could give rise to liability if the data was insufficiently protected. This attribute designates which data types are subject to California’s data security requirements, since California’s data security requirements apply to fewer data types than the broader set of data privacy requirements.
- Data types will have a CA SPI attribute, referring to types of data that are subject to Californians’ right to limit the use of their sensitive personal information. For types of data that are associated with this attribute, we'll provide tailored guidance about how to comply with this right.
- Data uses will have a new attribute called ML (Machine Learning). The CPRA’s enforcement agency, the California Privacy Protection Agency, will have the authority to promulgate regulations limiting how companies can engage in automated decision-making. This attribute will help organizations flag which of their data uses pertain to automated decision-making, so that we can create the appropriate recommendations for when those regulations later get issued.
CPRA-specific taxonomy changes are automatic for TerraTrue's default taxonomy items, but you'll need to update these fields in your custom taxonomy items manually.
Scanning your launches for CPRA gaps
TerraTrue allows you to scan your completed launches and org information to get initial recommendations for complying with the CPRA. To get started, navigate to Privacy Central > Recommendations.