Keep my data private


Man and woman talking in server room

How to allow customers to easily request data privacy under the California Consumer Privacy Act   
Julie, who recently took up baking cupcakes as a hobby, is furious—and not about her culinary skills. She hadn’t realized how much of her personal information the company from which she bought her supplies had harvested and sold, without her express permission. She wants to know what they know about her, to whom they have sold that data, and that, once the harvesting is stopped, her information will be forgotten.

Until recently, companies took whatever information they could extract from consumers, who had little recourse, and used it however they wanted. But in California, as in much of Europe, laws have changed and strengthened. What obligation do companies that serve customers in California now have to people like Julie?

What the California Consumer Privacy Act requires
The California Consumer Privacy Act (CCPA), signed into law in June 2018, strengthened and unified data protection. California consumers now have the legal right to opt out of the sale of their personal data to third parties; companies that fail to comply face stiff penalties. Enforcement of the law begins in July. If you’re a business covered by the CCPA you must disclose the personal customer information you collect, share, and sell; you must also provide, on websites and mobile apps, a clear method for consumers to opt out of sharing their information and delete any personal data upon a consumer’s request.

Keeping customer data private engenders loyalty
To abide by the CCPA requires having systems and processes to ensure accurate personal information on consumers and current records of which third parties have purchased that data. To provide positive customer experiences and cement customer loyalty, the systems and processes need to allow customers to easily request that their data stay private.

Consider the typical journey that a customer like Julie will take with your business when she makes an opt-out request:

 

Process and system for requesting data privacy


Under the CCPA, you’ll have 45 days to respond to the request. You’ll need to not only track how you fulfilled the request but also provide verification that you’ve reached out to third parties to request that they delete customer information.

 The solution that makes following CCPA guidelines simple
These may be complex tasks on the back end, but your systems need to shield customers like Julie and make the process of handling their data-privacy requests as efficient as possible.

ServiceNow offers an out-of-the-box customer service portal that can be added to the ServiceNow Governance Risk and Compliance solution. This creates a seamless, self-service customer experience where a consumer will simply click on a button to make an opt-out request. The solution provides full visibility into a request and also tracks all efforts to reach out to third parties on the consumer’s behalf. It also provides data privacy case analytics to ensure cases are resolved and that service level agreements are met.  

There’s still time to get ready for the CCPA—and keep your customers happy
CCPA enforcement begins on July 1, but there’s still time to implement the right solution to comply with the CCPA and make it painless for your customers to request to keep their data private.

Want to learn more about the CCPA and what it might mean for your business? Visit the first post in our series here.

Learn more about ServiceNow’s customer service portal and ServiceNow Governance Risk and Compliance.

Read more about the CCPA.

 © 2020 ServiceNow, Inc. All rights reserved. ServiceNow, the ServiceNow logo, and other ServiceNow marks are trademarks and /or registered trademarks of ServiceNow, Inc., in the United States and/or other countries. Other company and product names may be trademarks of the respective companies with which they are associated.

Topics

  • Peripheral vision for CIOs: A close-up of a man with glasses
    AI and Automation
    Peripheral vision for CIOs starts with AI-powered service operations
    Operating at the speed of a digital business and enduring the next wave of unexpected change requires peripheral vision. AI-powered service operations deliver.
  • Managing risk and security: A woman sits on a bench using a laptop at a train station.
    Cybersecurity and risk
    Proactively managing risk and security
    Organizations have realized the importance of proactively managing risk and security to build resilience and to emerge from a crisis stronger.
  • An integrated solution to activate ESG across the enterprise
    Cybersecurity and risk
    Announcing an integrated solution to activate ESG across the enterprise
    ServiceNow is releasing an integrated solution that empowers companies to activate ESG initiatives and activities across the enterprise for a better world.

Trends & Research

  • Business resilience: Two employees with face masks work at computers in an office.
    Cybersecurity and risk
    The fruits of business resilience
  • ServiceNow named a Leader in the 2021 Gartner Magic Quadrant for Enterprise Low-Code Application Platforms
    Application Development
    ServiceNow recognized a Leader in 2021 Gartner® Magic Quadrant™ for Low-Code Application Platforms
  • Gartner Magic Quadrant for IT Risk Management
    Cybersecurity and risk
    ServiceNow: A Leader in Gartner® Magic Quadrant™ for IT Risk Management for Second Year

Year