Sweeping new California regulations on company privacy risk assessments could spark a compliance mad dash for businesses across the state that had been stuck in limbo due to years of uncertainty.
The rules adopted last Thursday by the California Privacy Protection Agency give clarity to businesses on what details to submit in such risk assessments, and as a result, could spur a spike in enforcement action. The agency also greenlit other rules on cybersecurity audits and automated technology.
Multiple states’ privacy laws, including California’s first-in-the-nation comprehensive privacy law, already require companies to detail the effects of their data collection practices. ...