CCPA does not apply to non-profits.
We probably should also take care of making sure storage of phone number is secure and encrypted
Original
Since phone numbers would be considered as a PII information, it is important that we need to consider what we need to do in order to comply w/ GDPR and CCPA (California specific law)
Evaluation is needed for law requirements, storage requirements and risk mitigation.
Company needs to comply with - removal request, as well as retrieval of information relating to the requestor
Storage requirements:
Encryption.
Mitigation of risk:
Potentially have policy of purging stored records for a specific date time
Potentially not storing phone number with the full name - but only with court cases (ie - who is looking to get notified of the case is not associated with the specific person that is interested in the case)
NOTE: This is closed as
Original
Since phone numbers would be considered as a PII information, it is important that we need to consider what we need to do in order to comply w/ GDPR and CCPA (California specific law)
Evaluation is needed for law requirements, storage requirements and risk mitigation.
Law requirements:
Storage requirements:
Mitigation of risk: