"California privacy law has entered a new phase. In Part Two of this two-part episode of The Briefing, Weintraub Tobin Partners Scott Hervey and Richard Buckley break down the CCPA's new requirements for Risk Assessments and Cybersecurity Audits. In this episode, they cover: When Risk Assessments are required and what they must evaluate How businesses must weigh operational benefits against privacy risks Who must be involved in conducting Risk Assessments and when"
"In Part Two of this two-part episode of The Briefing, Weintraub Tobin Partners Scott Hervey and Richard Buckley break down the CCPA's new requirements for Risk Assessments and Cybersecurity Audits. When Cybersecurity Audits are triggered and what they must include What businesses must submit to the California Privacy Protection Agency Tune in for part two on how a clear look at how California privacy law is turning AI compliance into an operational requirement. Watch this episode on or listen to the here."
California privacy law now requires targeted CCPA Risk Assessments and Cybersecurity Audits for specified processing activities. Risk Assessments must evaluate the nature of personal data, processing purposes, scope, likelihood of harm, and effectiveness of mitigation measures. Businesses must weigh operational benefits against privacy risks when deciding to proceed with processing. Appropriate stakeholders and qualified personnel must be involved in conducting Risk Assessments at relevant project stages. Cybersecurity Audits are triggered by certain events or processing types and must include technical and organizational security evaluations. Businesses must submit specified assessment and audit outputs to the California Privacy Protection Agency. AI-related processing will be subject to these operational compliance requirements.
Read at The IP Law Blog
Unable to calculate read time
Collection
[
|
...
]