By
Adrianne Appel2023-09-12T12:41:00
A final version of California’s cybersecurity audit rules likely won’t be released until later next year at the earliest, according to a rough timeline discussed by the state’s privacy rulemaking agency, which debated a preliminary draft of the rules Friday.
The draft cybersecurity rules were approved among sweeping amendments to the state’s 2020 data privacy law under the California Privacy Rights Act. The changes to the California Consumer Privacy Act (CCPA) created the California Privacy Protection Agency (CPPA) to write and enforce the rules.
The five-member CPPA board mainly debated two aspects of the cybersecurity rules Friday: which businesses should be required to conduct annual audits and what should be included in those audits.
2024-01-09T20:16:00Z By Adrianne Appel
Companies with business in California could face tough new cybersecurity mandates under draft regulations that could be headed for formal rulemaking as soon as Friday.
2023-12-01T22:34:00Z By Adrianne Appel
The California Privacy Protection Agency drafted its rules to apply the rights allowed to residents under the California Consumer Privacy Act to automated decision-making technology used by businesses.
2023-10-17T13:46:00Z By Matt Honea, CW guest columnist
The need to prove network compliance is intensifying as lawmakers introduce new privacy legislation and organizations update their contractual security requirements for third-party vendors.
2025-10-27T20:16:00Z By Adrianne Appel
California has delayed the release of draft greenhouse gas reporting rules for businesses until early 2026, the California Air Resources Board said.
2025-10-27T19:06:00Z By Neil Hodge
New rules that have recently come into effect across the EU will allow for greater transfers of data between companies, though experts fear the changes could conflict with Europe’s strict privacy legislation, which protects personal information.
2025-10-24T18:05:00Z By Adrianne Appel
Nine states are collaborating to write and enforce comprehensive data privacy laws, in an effort to protect consumers across jurisdictions and due to the absence of a broad, federal privacy law.
Site powered by Webvision Cloud