CCPA Data Privacy Self Service

 

This article designed for technical HR roles covers global, common Data Subject rights across any and all applications which can cover both active and legacy systems in-house, cloud, and otherwise hosted.

 

Increasingly HR and Payroll service inboxes are targets of attempts to extract personal information and payment data.  Fuse leverages historical data archive to validate users in a credit-file-style security challenge process and multi-factor authentication.

 

Additionally, Data Subject Requests are becoming part of the helpdesk function and are often handled ad-hoc and not centrally reported or managed efficiently end-to-end.  

 

This exposes organizations to increasing data privacy compliance risks carrying real and significant monetary impacts.

 

Fuse offers a self-service feature, where affiliated persons can be invited to access their own profiles online long after the business or employment relationship has passed in order to:

 

  • Cut the risk of emailed phishing attempts aimed at HR and Payroll service email inboxes requesting personal information.
  • Reduce ticketing traffic for individual historical data requests.
  • Deploy multi-factor authentication.
  • Centralize data privacy requests of former employees, contractors, applicants for audit & compliance.
  • Implement Data Subject Rights of CCPA privacy compliance for enterprise Personal information

 

What are Data Subject Rights under CCPA?

 

  • Right to notice (notification)
  • Data Access
  • Opt-out (where applicable)
  • Request deletion
  • Right to equal services

 

Further Information

 

What are Data Subject Rights under GDPR?

 

  • Transparency, Communication
  • Information and Access to the data
  • Rectification and Erasure
  • Data Portability
  • Objection to or restriction of processing

 

Further Information

  

How are these features delivered?

 

Terminated persons may be invited to the self service portal where they are able to:

  • View the company privacy policy statement(s)
  • View their own data (access)
  • Download encrypted PDF copies of their information (portability)
  • Request that personal data (email, address, names, etc) be corrected and updated (remediation)
  • Be notified of and log changes to their data if applicable
  • Formally request that their PII information be purged after the business use expires (request deletion)
  • Handle verification of employment requests, pay information, W2 history 

Enter yout email to receive future articles related to Data Subject Rights: