Your security and compliance glossary

All the terms you need to know when you’re trying to get compliance audit ready, fast.

Show filters

What is the California Consumer Privacy Act (CCPA)?

The California Consumer Privacy Act is a state statute passed in 2018. It gives California residents new data privacy rights and requires compliance obligations from any for-profit entity that does business with California residents. Enforcement of CCPA regulations went into effect on January 1, 2020.

New privacy rights for California residents include:

  • The right to know about the personal information a business collects about them and how it is used and shared

  • The right to delete personal information collected from them (with some exceptions)

  • The right to opt out of the sale of their personal information

  • The right to non-discrimination for exercising their CCPA rights

Public, non-profit entities are exempt from complying with the CCPA. Any business’s contractual provision that would otherwise waive a California resident’s data rights is unenforceable under the CCPA. 

The CCPA protects personal information (PI) that identifies, relates to, or could reasonably be linked with a California resident or their household. Examples of CCPA-protected data include social security numbers, credit card numbers, and internet search history. Publicly available information is not protected under the CCPA.

Additional resources you might like:

Compliance
Event
State of Trust in AI

Join us, live, for a fireside chat with three leading AI companies, Factory, avoMD, and Stravito, where their leaders will discuss how their organizations leverage security best-practices and compliance with AI frameworks.

Compliance
Blog
How to scale your GRC program with automation

Manual GRC processes aren’t sustainable for growing businesses. That’s where GRC automation comes in. Read more.

Compliance
Blog
3 trends shaping the future of GRC and how to adapt today

Managing GRC today still requires a ton of manual work—but it doesn’t have to. Find how the future of GRC is evolving and how you can adapt today.

Additional resources you might like:

Compliance
Event
State of Trust in AI

Join us, live, for a fireside chat with three leading AI companies, Factory, avoMD, and Stravito, where their leaders will discuss how their organizations leverage security best-practices and compliance with AI frameworks.

Compliance
Blog
How to scale your GRC program with automation

Manual GRC processes aren’t sustainable for growing businesses. That’s where GRC automation comes in. Read more.

Compliance
Blog
3 trends shaping the future of GRC and how to adapt today

Managing GRC today still requires a ton of manual work—but it doesn’t have to. Find how the future of GRC is evolving and how you can adapt today.

Compliance
Event
Audit Prep Excellence: Your Path to Success

Join our interactive webinar featuring experts in compliance auditing for a live Q&A session. We'll dive into essential tips for preparing for various compliance audits, guide you through the nuances of both ISO 27001 and SOC 2 standards, and discuss best practices for maintaining continuous compliance.

Compliance
Event
How Fireant Achieved ISO 27001 Compliance Fast & Secured Government Business

Join Vanta and FireAnt as we demystify the compliance journey. We will explore how FireAnt, a Sydney-based software provider, leveraged Vanta’s automation to streamline their ISO 27001 certification process and unlock new business opportunities.

Compliance
Event
How to Automate ISO 27001 & SOC 2 Compliance

Curious about why compliance is so important, which businesses need it, and how Vanta's automation can help you quickly achieve it? Join Vanta’s 45-minute live product demo. Two of our team members will walk you through the platform and answer your questions in real time.

Compliance
Event
How to Automate SOC 2 & ISO 27001 Compliance

Curious about why compliance is so important, which businesses need it, and how Vanta's automation can help you quickly achieve it? Join Vanta’s 45-minute live product demo on July 9th at 11 am PST. Two of our team members will walk you through the platform and answer your questions in real time.

Compliance
Event
How to Automate ISO 27001 & SOC 2 Compliance

Curious about why compliance is so important, which businesses need it, and how Vanta's automation can help you quickly achieve it? Join Vanta’s 45-minute live product demo. Two of our team members will walk you through the platform and answer your questions in real time.

Compliance
Event
ISO 27001 vs. SOC 2: Which standard is right for my startup?

Starting a security compliance program requires time, effort, and planning. And knowing where to begin is half the battle. Are you wondering if your organisation should focus on ISO 27001? SOC 2? Both?