CCPA/CPRA

Data Privacy

California set the benchmark for US consumer privacy with the CCPA, significantly strengthened by the CPRA amendments. This assessment measures how well your organization meets its obligations — from honoring opt-out requests and Global Privacy Control signals to managing sensitive personal information and preparing for the upcoming ADMT, risk assessment, and cybersecurity audit regulations. It covers consumer rights (know, access, delete, correct), sale and sharing controls, service provider management, data minimization, and the January 2026 regulatory updates. The CCPA applies to for-profit businesses meeting revenue or data volume thresholds that collect personal information of California residents, enforced by the California Privacy Protection Agency with penalties up to $7,988 per intentional violation.

Domains

Questions

~24 min

Estimated Time

What You'll Be Assessed On

Applicability & Scope Applicability Check

3 questions

Privacy Notices & Transparency (§1798.100, §1798.130)

3 questions

Consumer Rights — Know, Access, Delete, Correct (§1798.100–§1798.106)

5 questions

Opt-Out of Sale/Sharing & Non-Discrimination (§1798.120, §1798.125)

3 questions

Data Minimization, Retention & Security (§1798.100)

3 questions

Service Provider & Contractor Management (§1798.140)

2 questions

Sensitive Personal Information (§1798.121)

2 questions

Governance, Training & ADMT

3 questions

Step-by-Step

Answer questions one domain at a time with progress tracking.

Instant Scoring

Get a weighted maturity score and per-domain breakdown immediately.

Actionable Roadmap

Receive a phased remediation plan tailored to your results.

Takes approximately 24 minutes to complete.