CHAPTER 8: BREACH NOTIFICATIONS
California already has rules governing data breaches and breach notification in sections 80–84 of the California Civil Code,182 which deal with the maintenance of “customer records.”
Section 82(a) deals with data breach notifications for a business, and it covers several areas. First, there are requirements that apply to an organization that “owns or licenses computerized data that includes personal information.” Any “person or business that conducts business in California” that owns or licenses such information is required to disclose a data security breach to California residents. Here, a “breach” is defined as the unauthorized acquisition of unencrypted personal information. A breach may also include the loss ...
Get The California Privacy Rights Act (CPRA) – An implementation and compliance guide now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.