In the prior two alerts in this series, we explained that California (along with 16 other states) now requires businesses to conduct privacy risk assessments in certain circumstances where consumer privacy may face heightened...more
1/26/2026
/ California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Data Privacy ,
Data Protection ,
Personal Data ,
Privacy Laws ,
Regulatory Requirements ,
Risk Assessment ,
Risk Mitigation ,
Sensitive Personal Information ,
State Privacy Laws
As noted in last week’s post, privacy risk assessments are now required in several states. Of the 19 U.S. states with comprehensive consumer data privacy laws, all but two mandate that businesses conduct privacy risk...more
1/21/2026
/ Corporate Counsel ,
Data Privacy ,
Data Protection ,
Data Protection Impact Assessments (DPIAs) ,
EU ,
General Data Protection Regulation (GDPR) ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Personal Data ,
Privacy Laws ,
Risk Assessment ,
Risk Management ,
State Privacy Laws
As of Jan. 1st, the California Consumer Protection Act (“CCPA”) and accompanying regulations now require businesses to complete a risk assessment before engaging in certain “high-risk” personal information processing. ...more
1/9/2026
/ California Consumer Privacy Act (CCPA) ,
California Privacy Protection Agency (CPPA) ,
Consumer Privacy Rights ,
Data Privacy ,
Data Sellers ,
Data-Sharing ,
Effective Date ,
New Regulations ,
Personal Data ,
Regulatory Requirements ,
Risk Assessment ,
Sensitive Personal Information ,
State Privacy Laws