San Francisco, March 19, 2019 – TrustArc, the leading privacy compliance company, today announced results from a survey conducted by Dimensional Research that gauges the readiness of U.S. companies and their plans for complying with the California Consumer Privacy Act (CCPA), as compared to the General Data Protection Regulation (GDPR).
Key findings from the research highlight that with less than 10 months to the deadline, only 14% of companies surveyed are compliant with CCPA and 44% have not yet started the implementation process. Of companies that have worked on GDPR compliance, 21% are compliant with CCPA, compared to only 6% for companies that did not work on GDPR.
“At TrustArc, we’ve seen a significant increase in the number of customers coming to us for support to comply with CCPA,” said Chris Babel, CEO of TrustArc. “Companies that took the steps to comply with GDPR are already ahead of the game and will have an easier path to meet the requirements of CCPA. The companies that did not work on GDPR compliance will be under the gun to implement scalable compliance processes by the January 1, 2020 deadline.”
The CCPA is set to be the toughest privacy law in the United States, broadly expanding the rights of consumers, and requiring businesses within scope to be significantly more transparent about how they collect, use, and disclose personal information. The CCPA compliance deadline is January 1, 2020 and will impact tens of thousands of businesses worldwide that have customers or employees located in California.
Additional findings from the TrustArc and Dimensional Research survey include:
Investments to comply run high
- 71% of companies expect to spend more than six figures to comply with CCPA
- 1 in 5 expect to spend more than $1 million to achieve CCPA compliance
- For companies that were not impacted by GDPR, 79% will spend more than six figures to comply with CCPA, compared to 61% who have worked on GDPR compliance
Companies need help to understand and plan for CCPA
- 88% require external help to understand CCPA requirements
- 72% plan to invest in technology to prepare for CCPA, while 61% plan to spend on consulting expertise
- 64% of companies need help developing their CCPA privacy plan
Motivations for complying with CCPA vary
- 62% of respondents list that the top motivation to comply is to meet partner and/or customer requirements
- 45% list internal reporting requirements and 41% supporting company values
- 35% list the risk of fines or class action lawsuits as the top driver, and 18% the risk of negative media coverage
To download the complete findings, please visit: CCPA and GDPR Compliance Report.
To learn more about TrustArc CCPA solutions, visit: CCPA Program Development.
About the Research
The survey was fielded online from February 15 to 27, 2019 to 250 IT and privacy/legal professionals with responsibility for privacy at companies in the United States required to meet CCPA compliance. Company size ranged from 500 to more than 50,000 employees from a cross-section of industries, including technology, manufacturing, business services, and financial services and insurance.
TrustArc is the leader in privacy compliance and data protection solutions and offers an unmatched combination of innovative technology, services and TRUSTe certification solutions. TrustArc addresses all phases of privacy program management and has been delivering innovative privacy solutions for two-decades to companies across all industries. The TrustArc platform leverages deep privacy expertise and proven methodologies, which have been continuously enhanced through thousands of customer engagements. Headquartered in San Francisco, and backed by a global team across the Americas, Europe, and Asia, TrustArc helps customers worldwide demonstrate compliance, minimize risk and build trust. For additional information visit www.trustarc.com.
For media inquiries, please contact: