Stock illustration: Automation Credit: Urupong Phunkoed/Shutterstock.com

Despite enforcement of the California Consumer Privacy Act (CCPA) coming online earlier this month, many companies in the state are struggling to comply with the far-reaching regulation. It's not just a lack of understanding about the CCPA's requirements that is holding them back. It's also a lack of automation and factors outside of their control, according to a new survey of 121 U.S.-based companies by cybersecurity and cloud services provider Akamai.

Complying with CCPA requirements is still a manual process for many organizations. Only around a third of survey respondents, for example, said they have fully automated their workflows around giving customers access to their personal data. Even fewer—23 percent—have done the same for customer requests to have their data deleted. However, 43 percent have fully automated the processes by which they enable customers to opt out of allowing the company to sell their personal data.

Complete your profile to continue reading and get FREE access to Treasury & Risk, part of your ALM digital membership.

Your access to unlimited Treasury & Risk content isn’t changing.
Once you are an ALM digital member, you’ll receive:

  • Thought leadership on regulatory changes, economic trends, corporate success stories, and tactical solutions for treasurers, CFOs, risk managers, controllers, and other finance professionals
  • Informative weekly newsletter featuring news, analysis, real-world case studies, and other critical content
  • Educational webcasts, white papers, and ebooks from industry thought leaders
  • Critical coverage of the employee benefits and financial advisory markets on our other ALM sites, PropertyCasualty360 and ThinkAdvisor
NOT FOR REPRINT

© 2025 ALM Global, LLC, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.

Rhys Dipshan

CT-born, New York-based legal tech reporter covering everything from in-house technology disruption to privacy trends, blockchain, AI, cybersecurity, and ghosts-in-the-machine. Continually waiting for law to catch up with tech. (It's like waiting for Godot, but without the clowns)