"What constitutes reasonable security per Calif. privacy law?" by Amanda R. Lawrence, Michael A. Rome, and James C. Chou (Law360)
Law360Amanda R. Lawrence, Michael A. Rome, James C. Chou
California Consumer Privacy Act compliance has been focused on developing the policies, procedures and infrastructure to support new privacy rights for California residents, which include, among other things, the right to know what personal information companies have on them, the right to delete and the right to opt out of the sale of that information to third parties.
While much ink has been spilled on how to come into compliance with these new privacy rights, companies subject to the CCPA also should focus their efforts on ensuring that they have an information security program that reasonably safeguards the personal information collected, stored and processed by their companies.
Originally published in Law360; reprinted with permission.