California CCPA Compliance Readiness Calculator

Evaluate your organization's CCPA compliance readiness across six key dimensions: Privacy Notice, Consumer Rights, Data Inventory, Security Measures, Vendor Management, and Training. Each dimension is scored 0–10 and weighted to produce an overall readiness score (0–100%).

Privacy Notice & Disclosure Quality (0–10)

Consumer Rights Fulfillment (0–10)

Data Inventory & Mapping Completeness (0–10)

Security Measures Adequacy (0–10)

Vendor & Service Provider Management (0–10)

Employee Training & Awareness (0–10)

Approximate Number of California Consumers Served per Year

Annual Gross Revenue (USD)

% of Annual Revenue from Selling Consumer Data (0–100)

Formula

Weighted Readiness Score (raw):

S_raw = (PrivacyNotice × 0.20) + (ConsumerRights × 0.25) + (DataInventory × 0.20) + (Security × 0.15) + (VendorMgmt × 0.10) + (Training × 0.10)

Readiness Percentage:

Readiness% = (S_raw / 10) × 100

Compliance Gap:

Gap = 100 − Readiness%

Illustrative Penalty Exposure:

Exposed Consumers = Total Consumers × 0.01

Unintentional Exposure = Exposed Consumers × $2,500 × (Gap / 100)

Intentional Exposure = Exposed Consumers × $7,500 × (Gap / 100)

CCPA Applicability (any one threshold triggers compliance):

T1: Annual Gross Revenue > $25,000,000
T2: Personal information of ≥ 100,000 consumers or households per year
T3: ≥ 50% of annual revenue derived from selling consumers' personal information

Assumptions & References

Dimension weights are assigned based on regulatory emphasis: Consumer Rights (25%) and Privacy Notice (20%) carry the highest weights as they represent the most operationally intensive and publicly visible CCPA requirements.
Scores of 0–10 are self-assessed; 0 = no controls/processes in place, 10 = fully documented, tested, and audited controls.
The 1% complaint rate used in penalty exposure is illustrative only and does not represent a legal or actuarial estimate. Actual enforcement actions depend on AG discretion and individual circumstances.
Civil penalty amounts per Cal. Civ. Code §1798.155: up to $2,500 per unintentional violation and $7,500 per intentional violation.
Private right of action for data breaches under Cal. Civ. Code §1798.150: $100–$750 per consumer per incident (not modeled here).
CCPA applicability thresholds per Cal. Civ. Code §1798.140(d) as amended by CPRA (Prop. 24, 2020).
CPRA (effective January 1, 2023) expanded CCPA with new rights (Right to Correct, Right to Limit Sensitive PI Use) and created the California Privacy Protection Agency (CPPA). This calculator reflects foundational CCPA/CPRA requirements.
Service provider contract requirements per Cal. Civ. Code §1798.140(ag) and CCPA Regulations §999.314.
Employee training requirements per CCPA Regulations §999.317(b) (Cal. Code Regs. tit. 11).
This tool is for informational and self-assessment purposes only and does not constitute legal advice. Consult qualified privacy counsel for compliance determinations.

California CCPA Compliance Readiness Calculator

Formula

Assumptions & References

In the network

Network

California CCPA Compliance Readiness Calculator

Formula

Assumptions & References

More Calculators

In the network

Network