CCPA / CPRA · Business obligations

§1798.150 Duty to implement reasonable security

Implement and maintain reasonable security procedures appropriate to the personal information held; failure giving rise to a breach creates a private right of action.

Mapped across 7 provisions

Equivalent and related requirements in other frameworks and regulations.

DORARelatedCurated
Art. 6 ICT risk management framework
Évaluation et gestion des risques
HIPAARelatedCurated
§164.308(a)(1) Security management process
Évaluation et gestion des risques
LGPDRelatedCurated
Art. 46 Security measures
Évaluation et gestion des risques
NIS2RelatedCurated
Art. 21(2)(a) Risk analysis and information system security policies
Évaluation et gestion des risques
NIST 800-171RelatedCurated
3.11.1 Periodically assess risk
Évaluation et gestion des risques
NIST 800-53RelatedCurated
RA-3 Risk assessment
Évaluation et gestion des risques
NIST CSF 2.0RelatedCurated
ID.RA-01 Vulnerabilities identified and recorded
Évaluation et gestion des risques

← All CCPA / CPRA sections