News and analysis for the well-informed compliance or audit exec.
Annual Membership best value
Subscribe now for $365
Our lowest price ($1 per day) for one year.
- Chief Compliance Officer and VP of Legal Affairs, Arrow Electronics
By Adrianne Appel2023-09-15T20:11:00
Businesses’ mishandling of consumer personal data has resulted in data breaches and an erosion of individuals’ rights, members of a California agency tasked with writing privacy risk assessment rules said.
The California Privacy Protection Agency (CPPA) met last week to consider its next batch of rulemaking under the California Consumer Privacy Act, which is set to include requirements for businesses handling the personal data of Californians to conduct risk assessments.
Still in draft form, the rules, along with those concerning cybersecurity audits and automated decision-making, are not expected to be finalized for at least a year. The CPPA previously released a batch of rulemaking that had its enforcement delayed until March 2024 following legal challenge.
The draft risk assessment regulations are designed to prohibit businesses from handling consumer data if uncontrolled risks—to the security and privacy of the consumer, the public, or the business—outweigh the benefits. Businesses must conduct risk assessments before collecting any personal data and show how they would mitigate any significant risks.
THIS IS MEMBERS-ONLY CONTENT. To continue reading, choose one of the options below.
News and analysis for the well-informed compliance or audit exec.
Annual Membership best value
Subscribe now for $365
Our lowest price ($1 per day) for one year.
2024-01-09T20:16:00Z By Adrianne Appel
Companies with business in California could face tough new cybersecurity mandates under draft regulations that could be headed for formal rulemaking as soon as Friday.
2023-12-01T22:34:00Z By Adrianne Appel
The California Privacy Protection Agency drafted its rules to apply the rights allowed to residents under the California Consumer Privacy Act to automated decision-making technology used by businesses.
2023-10-31T16:00:00Z By Kyle Brasseur
In this episode of the Digital Transformation of Compliance podcast series, Pilar Caballero, chief compliance officer and chief privacy officer at Ryder, discusses her company’s process for vetting privacy concerns regarding use of new technologies.
2024-07-02T19:43:00Z By Aaron Nicodemus
The U.S. Supreme Court extended the statute of limitations for businesses attempting to challenge some federal regulations, allowing regulated entities a longer timeline to appeal a decision.
2024-06-28T19:55:00Z By Aaron Nicodemus
The Supreme Court of the United States overturned a long-held precedent in which courts deferred to federal agencies in interpreting complex or ambiguous regulations–a decision that could make thousands of federal regulations more vulnerable to legal challenges.
2024-06-28T17:00:00Z By Aaron Nicodemus
Financial institutions would be required to conduct more thorough risk assessments on their anti-money laundering/countering the financing of terrorism programs under a new rule proposed by the Treasury Department’s Financial Crimes Enforcement Network.
Site powered by Webvision Cloud