Chapter 8: Breach notifications

California already has rules governing data breaches and breach notification in sections 80–84 of the California Civil Code,¹⁸² which deal with the maintenance of “customer records.”

Section 82(a) deals with data breach notifications for a business, and it covers several areas. First, there are requirements that apply to an organization that “owns or licenses computerized data that includes personal information.” Any “person or business that conducts business in California” that owns or licenses such information is required to disclose a data security breach to California residents. Here, a “breach” is defined as the unauthorized acquisition of unencrypted personal information. A breach may also include the loss ...

Get The California Privacy Rights Act (CPRA) – An implementation and compliance guide now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

The California Privacy Rights Act (CPRA) – An implementation and compliance guide by Preston Bukaty

CHAPTER 8: BREACH NOTIFICATIONS

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly