More Detail on U.S. Data Processing Assessment Requirements More Detail on U.S. Data Processing Assessment Requirements by: Alan L. Friel of Squire Patton Boggs (US) LLP - Privacy World Friday, March 1, 2024 Related Practices & JurisdictionsCommunications, Media & Internet, Consumer Protection, Administrative & RegulatoryCalifornia | Privacy World The California Privacy Protection Agency (“CPPA”) has published revised draft regulations detailing what it proposes to be required of businesses under the California Consumer Privacy Act (“CCPA”) to assess, mitigate and document risk before engaging in specified types processing of California residents’ personal information, and on March 8th is set to vote on advancing them to the public comment stage of rulemaking. While California has technically required such assessments since January 1, 2023 (as have other states), the CCPA left the details to the CPPA to develop and specify in regulations. The regulatory proposal includes requirements for presentation of assessment findings to the Board of Directors, certification by the CEO and filing of abridged assessments with the CPPA. Colorado has already issued regulations on its assessment requirements, which are robust but somewhat less burdensome that what California is considering. © Copyright 2024 Squire Patton Boggs (US) LLP Current Legal Analysis The Corporate Transparency Act: A Reporting Guide for Medical Groups and MSOs by: John F. Golembesky , Richard Rifenbark Dialing Up Accountability: FCC’s Warning Shot to Mobile Network Operators on CPNI by: Brian D. Weimer , Douglas A. Svor EPA Amends Procedural Framework Rule for Conducting TSCA Risk Evaluations by: Lynn L. Bergeson , Lisa M. Campbell Maryland Restricts Noncompete Clauses for Veterinary and Health Care Professionals by: Galit Kierkut , Kristin Spallanzani The Importance of Whistleblower Protection and Wellbeing in the Age of Mental Health Awareness by: James D. McGuire Print
