16 September 2021 Posted by: Jan

Data Breaches and Privacy Incidents: how PrivacyRun helps minimizing the risk of civil action

The California Consumer Privacy Act (CCPA) gives California consumers the right to institute civil action for statutory damages, Cal. Civ. Code § 1798.150(a)(1), and  to recover damages in an amount not less than one hundred dollars ($100) and not greater than seven hundred and fifty ($750) per consumer per incident or actual damages, whichever is greater.” Id. § 1798.150(a)(1)(A).

 

The CCPA allows a civil action only for breaches involving the nonencrypted or nonredacted personal information of California consumers Id. § 1798.150 (a) (1).

 

Prior to initiating any action against a business for statutory damages would-be plaintiffs has to provides the business with 30 days’ written notice identifying the specific provisions of this title the consumer alleges have been or are being violated.

 

In the event a cure is possible, if within the 30 days the business actually cures the noticed violation and provides the consumer an express written statement that the violations have been cured and that no further violations shall occur, no action for individual statutory damages or class-wide statutory damages may be initiated against the business. Id. § 1798.150 (b).

 

The regulation does not specify the meaning of “cure”.  This statement will probably require additional clarification from the California Attorney General.

Privacy run implements a complete workflow allowing incident registration

 

PrivacyRun provides a tool for a comprehensive personal data breach incident management. It implements a complete workflow allowing incident registration, analysis and processing of customer and Attorney General Notifications.

 

 

The system helps minimizing the risk of civil action by promptly handling all incident notices from consumers.

 

It allows businesses register notices received in any form (email, fax etc.), automatically generate template based responses and required notifications and starting process of mitigating the breach. The system tracks all deadlines and notifies operators along the process to avoid missing the deadlines required by law.

 

 

About us

What is PrivacyRun?

Here at PrivacyRun we built our solution with you in mind. Our data privacy platform supports your company’s compliance with local data privacy laws like GDPR and CCPA. We enable you to monitor where and how data is handled, track employee training and keep you up to date on privacy requests – helping you navigate the complex world of privacy compliance from one place.

Let’s talk about your project

    Let's talk*

    yarrl is committed to protecting and respecting your privacy, and we’ll only use your personal information to administer your account and to provide the products and services you requested from us. If you consent to us contacting you and storing your personal data for this purpose, please tick the checkbox below:

    For more information about our privacy practices, and how we are committed to protecting and respecting your privacy, please review our Privacy Policy.