California’s first-in-the-nation privacy agency is drafting standards for risk assessments—the process where a company weighs the risks and benefits of its data processing activities—and cybersecurity audits, which examine how collected personal information is kept secure.
The California Privacy Protection Agency first floated directions it might take earlier this month at a July 14 meeting on the topic, which will affect most firms doing business in the state.
Both components were part of updates to the state’s comprehensive privacy law under the voter-approved California Privacy Rights Act, the 2020 measure that requires cybersecurity audits be done annually and risk assessments be ...
Learn more about Bloomberg Law or Log In to keep reading:
Learn About Bloomberg Law
AI-powered legal analytics, workflow tools and premium legal & business news.
Already a subscriber?
Log in to keep reading or access research tools.