By Adrianne Appel2023-09-12T12:41:00
A final version of California’s cybersecurity audit rules likely won’t be released until later next year at the earliest, according to a rough timeline discussed by the state’s privacy rulemaking agency, which debated a preliminary draft of the rules Friday.
The draft cybersecurity rules were approved among sweeping amendments to the state’s 2020 data privacy law under the California Privacy Rights Act. The changes to the California Consumer Privacy Act (CCPA) created the California Privacy Protection Agency (CPPA) to write and enforce the rules.
The five-member CPPA board mainly debated two aspects of the cybersecurity rules Friday: which businesses should be required to conduct annual audits and what should be included in those audits.
2024-01-09T20:16:00Z By Adrianne Appel
Companies with business in California could face tough new cybersecurity mandates under draft regulations that could be headed for formal rulemaking as soon as Friday.
2023-12-01T22:34:00Z By Adrianne Appel
The California Privacy Protection Agency drafted its rules to apply the rights allowed to residents under the California Consumer Privacy Act to automated decision-making technology used by businesses.
2023-10-17T13:46:00Z By Matt Honea, CW guest columnist
The need to prove network compliance is intensifying as lawmakers introduce new privacy legislation and organizations update their contractual security requirements for third-party vendors.
2025-08-22T19:05:00Z By Adrianne Appel
Businesses operating in California will need to meet new, first-in-the-nation privacy requirements for cybersecurity, risk assessments, and automated decision-making technology, under a large expansion of rules by the state.
2025-08-18T17:44:00Z By Aly McDevitt
The U.S. Department of Justice has filed two lawsuits against the California Air Resources Board, claiming it no longer has the legal right to enforce strict emissions rules for heavy-duty trucks.
2025-08-14T15:13:00Z By Ruth Prickett
Navigating tariffs and sanctions is becoming a core part of compliance for many companies. As the U.S. and others use economic policies for political aims, compliance teams must adapt to this new geoeconomic trend.
Site powered by Webvision Cloud