COPPA Act | COPPA Privacy | COPPA Compliance Children’s Online Privacy Protection Act

The legislation establishes stronger standards for the use of data from and about children under the age of 13, and it gives parents the authority to monitor and authorise some of the information their children share.

The Trust Challenge

Obligations & Consequences

The following are few key obligations & consequences, flowing from the COPPA, on any organization to whom these provisions apply:

Pointer

Clear and comprehensive online privacy policy including what information is collected, how the information is used, and the collector's disclosure practices.

Pointer

Provide direct notice to parents of the privacy policy and the data collected from children.

Pointer

Obtain verifiable parental consent to data collection.

Pointer

Make it possible for a parent to evaluate the PI obtained from their child.

Pointer

Establish and maintain appropriate processes to safeguard the confidentiality, security, and integrity of personally identifiable information obtained from minors under the age of 13.

Pointer

Retain PI obtained online from a kid for no longer than is required to accomplish the reason for which it was collected.

The Trust Challenge

Challenges

The following are the issues created by COPPA that the majority of organizations face:

Pointer

The organization collects massive amounts of children data but lacks the capability to comply with privacy and security rules for the regulation.

Pointer

Manually managing data mapping and inventory to provide adequate security based on the risk related to the respective data collected.

Pointer

Lack of provision or process to destroy data despite the fact that the COPPA mandates that data be destroyed when the lawful basis for processing expires.

Pointer

Organisations do not have a mechanism in place to generate record of assurance that provide the proof of permanent deletion.

Win-Win Situation

Solutions

Our AI-based, patented solution, TurtleShield PI (Privacy Intelligence) discovers all personal and sensitive data in structured and unstructured data systems across on-premises and multi-cloud environments. TurtleShield DI (Data Inventory) enables organizations to inventory & map their entire “Data footprint”, enabling them to protect what matters the most.

Often there are silos within entities or business and IT teams and it is challenging to get a full picture of data going outside organization and which is coming into organization, especially when data is shared with third parties, vendors, business partners and much more. Our TurtleShield PI (Privacy Intelligence) creates a data map based on your “data sharing”, to facilitate you to take action on it.

TurtleShield DM (Data Minimization) helps businesses minimize excess data and adhere to data minimization principle. This is data hygiene control and we are approaching it from a risk reduction and compliance perspective. We scan large data sets to scan for excess data using Machine Learning and find out excess data including personal data. This can eliminate operational inefficiencies and save cost by removing the unwanted data and legal cost of having it with respect to regulatory compliance.

With TurtleShield RTBF (Right to Be Forgotten) provides the businesses the capabilities to comply with mandatory deletion of personal data by providing the capabilities to delete the data on request along with the validation of the deletion.

Search capability in large datasets to fulfill data subject requests in totality and at rapid space. Assumption that data only exists in databases and nowhere else is often not reality as customer data exists in many sources. Using Machine learning and AI we crawl across data sources and predict where PII can exist.

The Trust Challenge

Obligations & Consequences

The following are few key obligations & consequences, flowing from the COPPA, on any organization to whom these provisions apply:

Pointer

Clear and comprehensive online privacy policy including what information is collected, how the information is used, and the collector's disclosure practices.

Pointer

Provide direct notice to parents of the privacy policy and the data collected from children.

Pointer

Obtain verifiable parental consent to data collection.

Pointer

Make it possible for a parent to evaluate the PI obtained from their child.

Pointer

Establish and maintain appropriate processes to safeguard the confidentiality, security, and integrity of personally identifiable information obtained from minors under the age of 13.

Pointer

Retain PI obtained online from a kid for no longer than is required to accomplish the reason for which it was collected.

The Trust Challenge

Challenges

The following are the issues created by COPPA that the majority of organizations face:

Pointer

The organization collects massive amounts of children data but lacks the capability to comply with privacy and security rules for the regulation.

Pointer

Manually managing data mapping and inventory to provide adequate security based on the risk related to the respective data collected.

Pointer

Lack of provision or process to destroy data despite the fact that the COPPA mandates that data be destroyed when the lawful basis for processing expires.

Pointer

Organisations do not have a mechanism in place to generate record of assurance that provide the proof of permanent deletion.

Win-Win Situation

Solutions

Pointer

Data discovery, inventory and mapping: Our AI-based, patented solution, TurtleShield PI (Privacy Intelligence) discovers all personal and sensitive data in structured and unstructured data systems across on-premises and multi-cloud environments.
TurtleShield DI (Data Inventory) enables organizations to inventory & map their entire “Data footprint”, enabling them to protect what matters the most.

Pointer

Third party “Privacy Intelligence” (monitors third party sharing): Often there are silos within entities or business and IT teams and it is challenging to get a full picture of data going outside organization and which is coming into organization, especially when data is shared with third parties, vendors, business partners and much more. Our TurtleShield PI (Privacy Intelligence) creates a data map based on your “data sharing”, to facilitate you to take action on it.

Pointer

“Data Minimization”: TurtleShield DM (Data Minimization) helps businesses minimize excess data and adhere to data minimization principle. This is data hygiene control and we are approaching it from a risk reduction and compliance perspective. We scan large data sets to scan for excess data using Machine Learning and find out excess data including personal data. This can eliminate operational inefficiencies and save cost by removing the unwanted data and legal cost of having it with respect to regulatory compliance.

Pointer

“Right to be Forgotten (RTBF)” with Assured Deletion: With TurtleShield RTBF (Right to Be Forgotten) provides the businesses the capabilities to comply with mandatory deletion of personal data by providing the capabilities to delete the data on request along with the validation of the deletion.

Pointer

Enable Data subject rights with cost savings and compliance in totality: Search capability in large datasets to fulfill data subject requests in totality and at rapid space. Assumption that data only exists in databases and nowhere else is often not reality as customer data exists in many sources. Using Machine learning and AI we crawl across data sources and predict where PII can exist.

Featured News & Blogs

Be the first to catch our latest updates,
happenings and more.

Follow us