Glossary of Compliance
Compliance Glossary
Our list of curated compliance glossary offers everything you to know about compliance in one place.
Right of Data Portability
The right of data portability is a privacy right that allows individuals to request their personal data from a service provider in a structured, easily understood, and machine-readable format. With this right, customers can transfer their data to another service provider without hindrance.
Under CCPA (California Consumer Privacy Act), the right of data portability falls under the broader scope of Right of Access to one’s personal information collected by a business.
The right of data portability applies to the personal information that a business has collected from the consumer over the 12 months preceding the request.
The right can be exercised on the part of the customer by raising a request by submitting an online form, calling a toll-free number, or sending an e-mail to the business. Within 10 days of receiving the request, the business needs to confirm its receipt and provide the information within 45 days.
If the same has not been received within that said period, then the business will extend this period by another 45 days; however, for this, they must notify the customer and state the reason for such a delay.
Failure to comply with a valid data portability request may yield severe penalties under the CCPA, including fines of up to $7,500 per violation if found intentional. Beyond that, it would also severely dent a business’s reputation and chances of consumers trusting their business and subsequently facing lawsuits.
Additional reading
How to conduct a user access review?
ISO 27001 Risk Management Policy – Steps to Get Started
Cybersecurity in the Internet of Things: Protecting Connected Devices

Sprinto: Your growth superpower
Use Sprinto to centralize security compliance management – so nothing
gets in the way of your moving up and winning big.
