Proposition 24, creating the California Privacy Rights Act ("CPRA"), was approved by California voters.The California Consumer Privacy Act ("CCPA"), which was already the most comprehensive consumer data protection law in the United States, is amended by the CPRA.
Are you interested in learning more about California's new Privacy Rights Act? We looked deep into
the new legislation and found the five most significant changes.
The following are some of the most significant changes:
New categories of personal information,
New consumer rights,
New third-party duties, and
New notice, consent, and design rules are all part of the new scope.
Look into the Cybersecurity Risk Management and why it is important for businesses?
Here you have some of the Key Rights to California Privacy Rights Acts
Right to Updating Inaccurate Information
Personal Information May Be Collected Subject to Data Minimization and Purpose Restrictions
Right to Receive Confirmation from Businesses Planning to Use Sensitive
Personal Information and Recommend That They Stop
Right to Refuse Information Sharing with Third Parties
Businesses have the right to sue if their usernames and passwords are leaked.
Also Read, Why do you Need Vendor Risk Management?
Six key advantages of a CPRA for your business
It's essential for businesses to consider how the CPRA can affect the personal information they gather and to
gain knowledge about their responsibilities.
The CPRA may have the following six consequences for the organization:
Exemptions for b2b and employee information have been extended.
CPRA redefines businesses covered by the CCPA
Additional data rights granted for sensitive personal information sharing, automated data processing and profiling,
correcting inaccurate information, data deletion, and the time frame for right to access information.
Addition of the word "Contractor" to encourage businesses to review and update their vendor contracts
to ensure they are in compliance with the law. If your company hires a "Contractor" to process personal data,
the vendor contract will include additional requirements.
New affirmative security obligations
Getting Rid of the 30-day cure period and the establishment of a new enforcement agency
Steps that businesses should take right now
Entities should review their privacy policies and vendor contracts in advance of the CPRA's implementation,
ensure that internal mechanisms are ready to address expanded consumer rights and company obligations, and
ensure that their information security programmes will meet the new requirements.
Looking for IT Security Compliance Audit services on ISO 27001, GDPR, SOC 2 Compliance, Business Continuity Plan,
PCI-DSS Compliance Contact Today! Talk to an Expert
About Author,
Lucas Mia is a best influencer for Cybersecurity. I write compelling B2B marketing content for cybersecurity to yield business success. You can reach her anytime at IARM Information Security
Cybersecurity Company in New Jersey | ISO 27001 Consulting in New Jersey
No comments:
Post a Comment