Massive State of Unpreparedness for CCPA Compliance Exposed in Research from CYTRIO

Only 11% of companies are fully meeting CCPA requirements, while 89% of companies are either non-compliant or somewhat compliant
BOSTON - Jan. 26, 2022 - PRLog -- CYTRIO (, a data privacy compliance company, released the findings from its inaugural State of CCPA Compliance: Q1 2022 ( research results as of December 31, 2021, showing only 11% of companies are able to fully meet California Consumer Privacy Act (CCPA ( requirements, especially when managing Data Subject Access Requests (DSARs). The research also showed a disconnect in compliance with 44% of companies not providing any mechanism for consumers to exercise their data rights despite stating they needed to comply with CCPA in their privacy policies.

"The findings of our research show that companies are woefully unprepared for CCPA compliance, especially when it comes to enabling and responding to consumers' data privacy rights," said Vijay Basani (, founder and CEO of CYTRIO. "An overwhelming majority are manually responding to data requests with only a small number implementing DSAR management automation solutions. The reliance on manual processes exposes them to high DSAR compliance costs, long response times, errors that will erode consumer trust, and non-compliance actions by the California Privacy Protection Agency (CPPA)."

CYTRIO's State of CCPA Compliance: Q1 2022 report is the largest of its kind, studying 5,175 U.S. companies with revenues ranging from $25 million to more than $5 billion. CYTRIO conducted the study over six months to create the baseline research and plans to update it every quarter.

The research found that less than 11% of companies use DSAR management automation solutions. Nearly half of the companies (45%) relied on inefficient and costly manual processes such as email and web forms for submitting and responding to data requests.

California companies were not doing any better than their peers in other U.S. states, even though CCPA is a California regulation that gives its citizens' control over their personal information. Only 15.6% of companies in California had a DSAR management automation solution, and nearly two-thirds of California companies (59.3%) used manual processes, higher than any other state. New Hampshire companies led their peers from other states with 23.5% having DSAR automation management solutions.

"Overall, the results show that more needs to be done for CCPA compliance, and many lack the right resources and tools to meet the requirements," said Darshan Joshi (, Chief Technology Officer at CYTRIO. "The prevalent reliance on manual processes and the inability to address DSAR may increase the risks of a company's operations and shows we have more work to do in building awareness."

To access the full findings, go to:

To view the infographic, go to:

All trademarks recognized.


Tracy Wemett
BroadPR, Inc.
Email:*** Email Verified
Location:Boston - Massachusetts - United States
Account Email Address Verified     Account Phone Number Verified     Disclaimer     Report Abuse
Most Viewed
Daily News

Like PRLog?
Click to Share