Utah Data Protection Law Utah Data Protection Law

The UCPA applies to individuals who conduct business in Utah or who process personal data of a specific number of residents.

The Trust Challenge

Obligations & Consequences

The following are few key obligations & consequences, flowing from the UCPA, on any organization to whom these provisions apply:

Pointer

UCPA requires that companies uphold the principle of “Transparency” where informing users what data is collected from them, the purpose for collection, what data is shared with third parties, and how to exercise their data rights.

Pointer

The UCPA mandates the collecting of parental consent in order to process children's personal data.

Pointer

The UCPA grants the consumer four basic rights: Right to access, right to delete, right to data portability, and right to opt out of certain processing.

Pointer

Adoption of the “Data Minimization”, which implies that, organizations must collect & retain what is reasonably necessary and proportionate to the intended purpose.

The Trust Challenge

Challenges

Following challenges, emanating from the UCPA requirements, are currently being encountered by various organizations:

Pointer

To facilitate its smooth implementation of UCPA Organizations need to have knowledge of their entire "Data Footprint" to facilitate implementation of the CPA.

Pointer

Lack of visibility for Organizations sharing the user data with various third parties, during the course of its business.

Pointer

Manually managing data mapping and inventory to adhere to UCPA requirements is costly and time-consuming, but must be done within a 45 days period or the organization opens itself to sanctions.

Pointer

Implementation of Data Minimization under UCPA.

Pointer

Lack of provision or process to delete the data, despite the fact that the UCPA mandates data deletion when the lawful basis for processing expires.

Pointer

Organizations lack the mechanism of validating the permanent deletion of the data.

Win-Win Situation

Solutions

Ardent Privacy’s Solutions relating to the above mentioned challenges:

Pointer

Data discovery, inventory and mapping: Our AI-based, patented solution, TurtleShield PI (Privacy Intelligence) discovers all personal and sensitive data in structured and unstructured data systems across on-premises and multi-cloud environments.
TurtleShield DI (Data Inventory) enables organizations to inventory & map their entire “Data footprint”, enabling them to protect what matters the most.

Pointer

Third party “Privacy Intelligence” (monitors third party sharing): Often there are silos within entities or business and IT teams and it is challenging to get a full picture of data going outside organization and which is coming into organization, especially when data is shared with third parties, vendors, business partners and much more. Our TurtleShield PI (Privacy Intelligence) creates a data map based on your “data sharing”, to facilitate you to take action on it.

Pointer

“Data Minimization”: TurtleShield DM (Data Minimization) helps businesses minimize excess data and adhere to data minimization principle. This is data hygiene control and we are approaching it from a risk reduction and compliance perspective. We scan large data sets to scan for excess data using Machine Learning and find out excess data including personal data. This can eliminate operational inefficiencies and save cost by removing the unwanted data and legal cost of having it with respect to regulatory compliance.

Pointer

“Right to be Forgotten (RTBF)” with Assured Deletion: With TurtleShield RTBF (Right to Be Forgotten) provides the businesses the capabilities to comply with mandatory deletion of personal data by providing the capabilities to delete the data on request along with the validation of the deletion.

Pointer

Enable Data subject rights with cost savings and compliance in totality: Search capability in large datasets to fulfill data subject requests in totality and at rapid space. Assumption that data only exists in databases and nowhere else is often not reality as customer data exists in many sources. Using Machine learning and AI we crawl across data sources and predict where PII can exist.

The Trust Challenge

Obligations & Consequences

The following are few key obligations & consequences, flowing from the UCPA, on any organization to whom these provisions apply:

  • UCPA requires that companies uphold the principle of “Transparency” where informing users what data is collected from them, the purpose for collection, what data is shared with third parties, and how to exercise their data rights
  • The UCPA mandates the collecting of parental consent in order to process children's personal data.
  • The UCPA grants the consumer four basic rights: Right to access, right to delete, right to data portability, and right to opt out of certain processing.
  • Adoption of the “Data Minimization”, which implies that, organizations must collect & retain what is reasonably necessary and proportionate to the intended purpose.
The Trust Challenge

Challenges

Following challenges, emanating from the UCPA requirements, are currently being encountered by various organizations:

  • To facilitate its smooth implementation of UCPA Organizations need to have knowledge of their entire "Data Footprint" to facilitate implementation of the CPA.
  • Lack of visibility for Organizations sharing the user data with various third parties, during the course of its business.
  • Manually managing data mapping and inventory to adhere to UCPA requirements is costly and time-consuming, but must be done within a 45 days period or the organization opens itself to sanctions.
  • Implementation of Data Minimization under UCPA.
  • Lack of provision or process to delete the data, despite the fact that the UCPA mandates data deletion when the lawful basis for processing expires.
  • Organizations lack the mechanism of validating the permanent deletion of the data.
Win-Win Situation

Solutions

Ardent Privacy’s Solutions relating to the above mentioned challenges:

  • Data Discovery, inventory and mapping:
    Our AI-based, patented solution, TurtleShield PI (Privacy Intelligence) discovers all personal and sensitive data in structured and unstructured data systems across on-premises and multi-cloud environments.
    TurtleShield DI (Data Inventory) enables organizations to inventory & map their entire “Data footprint”, enabling them to protect what matters the most.
  • Third party “Privacy Intelligence” (monitors third party sharing):
    Often there are silos within entities or business and IT teams and it is challenging to get a full picture of data going outside organization and which is coming into organization, especially when data is shared with third parties, vendors, business partners and much more. Our TurtleShield PI (Privacy Intelligence) creates a data map based on your “data sharing”, to facilitate you to take action on it.
  • “Data Minimization”:
    TurtleShield DM (Data Minimization) helps businesses minimize excess data and adhere to data minimization legal requirements. This is data hygiene control and we are approaching it from a risk reduction and compliance perspective. We scan large data sets for excess data using Machine Learning, removing unnecessary and irrelevant personal data. Removing this data reduces costs by eliminating operational inefficiencies and ensuring compliance with regulatory mandates.
  • “Right to be Forgotten (RTBF)” with Assured Deletion:
    With TurtleShield RTBF (Right to Be Forgotten) provides the businesses the capabilities to comply with mandatory deletion of personal data by providing the capabilities to delete the data on request along with the validation of the deletion.
  • Enable Data subject rights with cost savings and compliance in totality:
    The assumption that data only exists in databases and nowhere else is often not reality, as customer data exists in many sources. Using Machine Learning and AI we predict where PII can exist, giving the ability to quickly fulfill data subject requests across the totality of large datasets, improving the speed and completeness of regulatory request compliance.

Featured News, Blogs & Events

Be the first to catch our latest updates,
happenings and more.

Follow us