Store your business’ essential documents securely offsite to save space and ensure compliance.
Protect your business’s digital media in a secure, climate-controlled vault.
Secure your essential records like wills, evidence, trusts, and legal documents in our vault.
Preserve the safety and integrity of biological samples, pathology slides, and critical medical materials with secure, climate-controlled storage.
Easily manage and track your inventory online with Corodata’s secure and user-friendly Client Portal.
Need storage boxes? Order Corodata’s durable, secure boxes online in just a few clicks. Keep your records organized and protected.
Access your physical documents digitally with Corodata’s Scan on Demand service. Deliver secure, on-request scans directly to your device.
Digitize large quantities of documents efficiently with Corodata’s High Volume Scanning. Ensure quick, secure, and accurate conversion to digital files.
Securely access your digital and scanned documents anytime from your desktop, tablet, or phone with CoroVault.
Keep your business compliant and secure with our NAID-certified paper shredding services.
Prevent data breaches with certified hard drive destruction, fully wiping data and ensuring compliance.
Host a shred event to provide secure shredding services to your community at a central location with our mobile shred truck.
We offer a range of secure, locked shred bins and consoles designed to safely store confidential documents and files. Explore our available options today!
Stay informed with the latest records management tips, industry news, and expert insights.
Unlock free exclusive ebooks, templates, and checklists to streamline your business operations.
Access free on-demand webinars to master Corodata’s client portal.
This guide reveals exactly which business records to keep and for how long.
Safeguard your business operations and speed up recovery during a crisis by completing this disaster recovery plan.
Easily maintain HIPAA compliance with our comprehensive checklist.
Since 1948, we have delivered secure records management solutions to help businesses confidently protect and manage their information.
If you’re still a little unsure about how to comply with California’s new privacy law, fear not. We’ve got your checklist right here to help you avoid those CCPA fines.
Although Streck won’t go as far as saying you should create an entire team to direct CCPA compliance efforts, she will say that it’s more likely that your business will meet the 2020 deadline with a team, versus an individual.
What you need on this team is a mixture of legal expertise (i.e. an attorney) and process expertise. “If you’re a legal expert with no process experience you can say ‘classify your data,’ but you need a process person who actually knows what that means,” Streck says.
Your company must provide notice to California consumers about what information you are collecting or disclosing to other entities before you start collecting it, as Streck noted. Specifically, you must tell consumers what categories of information you’re collecting—i.e. physical addresses, financial information, and even sleep habits—and if it isn’t listed in your privacy policy, you can’t collect it.
You must also inform California consumers if you’re selling this information to another party—and what categories of information you’re selling, as well as who you’re selling it to. Furthermore, you need to add a link on your website that clearly allows users to opt out of having their information sold.
Now, the hard part. You can’t just collect data—you need to categorize it appropriately, advice Streck has been giving to her records management clients for years, but which has taken on a new urgency. “If you don’t classify this data, deleting it upon request is almost impossible, as is complying with other regulatory obligations for recordkeeping,” she says.
Some considerations while you create the records of this data include:
If your company shares data with one or more third parties, you need to be aware of and document the exact relationship. Is the information being sold, or merely disclosed? Is it just certain categories of a consumer’s information that’s being sold? And to whom?
The CCPA gives consumers the right to access the information collected from them; this access must be given within 45 days. The same goes for requests from consumers to delete their information from your system—which they can do while also still allowing you to collect data from them.
You’ll need to not only create a system to document these requests, but also implement authentication processes to verify that they are coming from the consumer whose data you have. You will also need to decide what the official source of these data sets will be, if the data is being stored in various iterations.
And don’t forget to train customer service reps on how to respond to these requests.
Streck has seen plenty of companies end up with nightmarishly cluttered databases despite creating data collection processes. The problem, she says, is that the creators of the processes simply don’t think about the total lifecycle of the data, from collection to eventual deletion. Embedding these principles in all areas of your business will save you from a lot of headaches down the line.