Compliance
VCDPA
On January 1st 2023, Virginia became the second US state to enact a comprehensive privacy law with the Virginia Consumer Data Protection Act (VCDPA), which is similar in scope to the CCPA but with some crucial differences.
What is VCDPA?
The VCDPA’s primary objective is to protect individuals’ privacy as well as inform them whether their data is being processed.
The Attorney General of Virginia define personal data as meaning “any information that is linked or reasonably linkable to a Virginia resident. It does not include publicly available information such as government-held public records”. Protected health data under the HIPAA as well as a number of other pieces of data are exempt from the VCDPA.
Consumers have the right to submit a request to controllers to ask how data is being used, to delete data and opt-out, as well as requesting copies of the personal information that is being collected by an organization. Businesses must respond to these requests within 45 days of the request being made or face fines of up to $7500 per violation.
Does your business need VCDPA compliance?
The Virginia Consumer Data Protection Act applies to any business doing business in Virginia or targeting Virginia residents that (annually):
- Controls or processes the personal data of at least 100,000 consumers
- Controls or processes the personal data of at least 25,000 consumers and derives at least 50% of its gross revenues from selling personal data
Some entities that are exempt from VCDPA include: a state/local government, non-profit organization or an institution of higher education.
Download our “data myths and misconceptions” research report
Discover:
- The most popular data protection measures and if consumers find them effective
- How aware consumers are of the level of information that companies can collect about them
- If consumers keep up to date with data privacy legislation
- How companies can build customer trust by respecting data
High volume, fast response querying
Cassie can process up to 50,000 transactions per second, which means however large your operation is you’ve got peace of mind…Our largest client has 400 million data subjects.
Deeper customer insight
Cassie’s Customer service portal will let you capture up to 13 fields. You’ll be able to learn more about your customers in order to create personalized customer journeys.
Ensure data security
Cassie is SOC 2 certified, assuring organization’s data is safeguarded from unauthorized access or breaches with industry-leading encryption protocols and practices
Centralized source of truth
Use Cassie to honor and enforce consent data via APIs and integrations at high volume, in real-time for GDPR compliance across your tech stack (CRMs, CMS, marketing automation tools, BI tools)
Complex consent made simple
For every consent captured, Cassie can store unlimited key value pairs of additional information against those consents to unlock scalable, granular consent management