CPPA seeking comment on cybersecurity audit, risk assessment rule adds
By 
Adrianne Appel2023-02-13T19:00:00
The California Privacy Protection Agency (CPPA) is seeking comment on privacy rules requiring certain large businesses to conduct annual cybersecurity audits and risk assessments if the state believes they are placing consumer data at risk.
The California Privacy Rights Act (CPRA) mandated the agency write cybersecurity audit and risk assessment rules for businesses whose processing of consumer personal data presents “significant risk to consumers’ privacy or security,” according to the CPPA’s request for comments published Friday.
The agency also will write rules concerning use of automated decision-making technology by businesses regarding consumers’ opt-out rights and their access to data.
THIS IS MEMBERS-ONLY CONTENT
You are not logged in and do not have access to members-only content.
If you are already a registered user or a member, SIGN IN now.
Related articles
-
PremiumCPPA eyeing broad scope in early discussions around data risk assessments
Draft risk assessment regulations under the California Consumer Privacy Act are designed to prohibit businesses from handling consumer data if uncontrolled risks—to the security and privacy of the consumer, the public, or the business—outweigh the benefits.
-
News BriefLatest CCPA sweep targets employee, applicant info protections
The California Office of the Attorney General has turned its attention to the practices of large companies regarding the protection of the personal information of employees and job applicants as part of its latest investigative sweep under the California Consumer Privacy Act.
-
OpinionLegacy of CCPA: A blueprint for prioritizing compliance
Three years in, the promise of the California Consumer Privacy Act as a means of handing down eye-watering penalties against companies for data protection violations remains unfulfilled. And yet, the expanding U.S. data privacy legislation landscape is better for this.
More from Regulatory Policy
-
News BriefNot just for the rich: SEC may make closed-end funds available to retail investors
Securities and Exchange Commission Chair Paul Atkins indicated he favors changing the agency’s requirement that only the wealthy can invest in so-called “closed-end” private equity funds and hedge funds.
-
Basic PageDOJ shutters FBI unit that investigated Trump and 2020 election interference
The Department of Justice (DOJ) has shuttered a special Federal Bureau of Investigation (FBI) unit that focused on public corruption and whose legwork led to the special counsel investigation of President Donald Trump for trying to overturn the 2020 election results.
-
News BriefTrump administration launches pressure campaign against EU Digital Services Act
The Trump administration is preparing to ask the European Union to alter or water down its rules on content moderation on social media, claiming that they hurt the competitiveness of American technology companies.