How Comcast Streamlined Privacy Data to Become CCPA Compliant
Is Your Business Ready as Consumer Privacy Concerns Rise?
May 6, 2021
In today’s online data-driven world, more consumers want to know how their personal data is being collected and distributed amongst the marketplace. This has led to tougher government regulations and deafening consumer demand for companies to be more transparent. This trend will only continue and force businesses to bring privacy data control to the forefront of their digital transformation journey. Those companies that don’t, will see a decrease in buyer confidence and be left behind.
In 2018, the groundbreaking California Consumer Privacy Act (CCPA) was passed. This legislation requires companies to show how consumer privacy data is used and shared with third-party companies. It also gives the consumer unprecedented rights to control information collected on them and how companies use that data. This has set a new standard for companies nationwide to give consumers control over their privacy data.
To meet these evolving regulations head-on and anticipate other states following suit, Comcast strategically implemented an automated solution across tens of thousands of applications that helped their customers quickly access their private data. This best practice can be implemented for companies of all sizes to meet consumer demand and abide by any future regulations set to protect data collection.
Comcast’s CCPA Compliance Self-Service Solution
The passing of the CCPA created a massive operational challenge for California businesses. It also set a standard for other states to set tighter privacy regulations which will further complicate the way businesses address data collection.
Comcast partnered with Excellis to design a timely solution that was CCPA compliant by streamlining privacy information requests. Together, they architected a self-service solution that gathered privacy information across tens of thousands of applications and allowed their customers to easily access and control their personal data.
This flexible system allowed easy scalability and adaptability to accommodate any future compliance needs – whether in California or other states. With future enhancements in mind, this architected solution positioned Comcast to handle similar privacy requests for other user types, such as employees and contractors.
This automated solution provided an end-to-end digital system that fielded privacy requests from the user to an intuitive self-service portal where they can customize how they want their data collected and shared. It allows the user to do a combination of the following:
- Opt-out of data sharing
- Delete data
- Request a full transparency report on collected data and how its usage
- Download an exhaustive copy of the information.
After choosing which path they want, the system automatically puts it in a queue and routes the request based upon the desired action.
This CCPA compliant solution searches through and retrieves all pieces of privacy information collected on the user (anything from eye color to social security number) across every Comcast application. Once retrieved, it executes the request and sends information back to the user where they can access it via the self-service portal.
In order to architect this massive system, Excellis utilized Amazon Web Services (AWS), Mulesoft API Management Services, and Java code that stitched together the end-to-end workflow. Other solutions provided included project management, strategic architecture, business analyst work, UI design, and development.
This CCPA compliant solution automated the entire workflow. It eliminated an extensive amount of manual work in retrieving the requested privacy data per user. It met the CCPA requirements, providing users complete control over their own personal information. By reducing calls into customer service, the solution dramatically decreased the cost of manual effort to maintain CCPA compliance. Most importantly, it met consumer demands and allowed Comcast to reallocate resources to more profitable aspects of its business.
How You Can Make Consumer Privacy a Priority
The CCPA is only the beginning of raising the flag on consumer privacy. Businesses need to anticipate this trend and plan for it today. Whether you need to become CCPA compliant or meet the consumer demand to be more transparent, Excellis can tailor a consumer privacy solution to meet the needs of your specific business. Contact us today!
Frequently Asked Questions
Looking for more information about the CCPA compliant regulation? Keep reading to see how it affects your business.
What Does it Mean to Be CCPA Compliant?
In 2018, the CCPA was signed into law and changed the way California businesses collected and shared consumer data. Set to go into effect on January 1, 2020, this monumental shift in data privacy allows California consumers the right to:
- Know the personal information a business collects about them and how it is used and shared
- Delete personal information collected from them (with some exceptions)
- Opt-out of the sale of their personal information
- Non-discrimination for exercising their CCPA rights
This comprehensive law only applies to for-profit businesses that do business in California and meet any of the following criteria:
- Have a gross annual revenue of over $25 million
- Buy, receive, or sell the personal information of 50,000 or more California residents, households, or devices
- Derive 50% or more of their annual revenue from selling California residents’ personal information.
What is “Personal Information”?
A consumer’s “personal information” includes the following:
- Identifiers such as a real name, alias, postal address, unique personal identifier, online identifier, internet protocol address, e-mail address, account name, Social Security number, driver’s license number, passport number, or other similar identifiers
- Characteristics of protected classifications under California or federal law
- Commercial information, including records of personal property; products or services purchased, obtained, or considered; or other purchasing or consuming histories or tendencies
- Biometric information
- Internet or other electronic network activity information, including, but not limited to, browsing history, search history, and information regarding a consumer’s interaction with an internet web site, application, or advertisement
- Geolocation data
- Audio, electronic, visual, thermal, olfactory, or similar information
- Professional or employment-related information
- Education information
- Inferences drawn from any of the information collected to create a profile about a consumer reflecting the consumer’s preferences, characteristics, psychological trends, preferences, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes
Information excluded from liabilities under CCPA includes any information publicly available from the state, federal, or local government records. Businesses face heavy fines and potential lawsuits if they do not comply.
Contact us to begin architecting a cost-effective solution for a safe and secure site!