CCPA / CPRA · Business obligations

§1798.150 Duty to implement reasonable security

Implement and maintain reasonable security procedures appropriate to the personal information held; failure giving rise to a breach creates a private right of action.

Mapped across 7 provisions

Equivalent and related requirements in other frameworks and regulations.

DORARelatedCurated
Art. 6 ICT risk management framework
Risk assessment & management
HIPAARelatedCurated
§164.308(a)(1) Security management process
Risk assessment & management
LGPDRelatedCurated
Art. 46 Security measures
Risk assessment & management
NIS2RelatedCurated
Art. 21(2)(a) Risk analysis and information system security policies
Risk assessment & management
NIST 800-171RelatedCurated
3.11.1 Periodically assess risk
Risk assessment & management
NIST 800-53RelatedCurated
RA-3 Risk assessment
Risk assessment & management
NIST CSF 2.0RelatedCurated
ID.RA-01 Vulnerabilities identified and recorded
Risk assessment & management

← All CCPA / CPRA sections