Publication Peer Review
Annex 10 to the CSA Code of Conduct for GDPR Compliance
Open Until: 04/10/2023
This annex from the Privacy Level Agreement Working Group aims to map the Code of Conduct with the CCPA. The accompanying spreadsheet, CCPA - CSA Code of Conduct Gap Resolution (CoC), is intended to be reviewed in conjunction with Annex 10 to the CSA Code of Conduct for GDPR Compliance report.
This Annex has been set up for the purpose of specifically addressing the compliance obligations to which CSPs are subject, as service providers, pursuant to the CCPA (in addition to the requirements set out under the GDPR as processors, which are already covered by the CoC's controls). In particular, Annex 10 specifies amendments and additions to the CoC's controls (set out under Part 2) and the related Glossary (set out under Part 1) with which a CSP must ensure compliance in order to be able to use adherence to the CoC to help demonstrate to Cloud Customers the level of privacy protection that they undertake to maintain for a specific service, not only under the GDPR, but also under the CCPA.
Peer review period has ended.