In California, Bill Specifying Deadlines for Data-Breach Notification Advances Quickly
A California bill to set data-breach notification deadlines advanced to the Assembly Appropriations Committee on Tuesday. The chamber’s Judiciary Committee unanimously approved SB-446 as part of the consent calendar during a livestreamed meeting.
Sign up for a free preview to unlock the rest of this article
Privacy Daily provides accurate coverage of newsworthy developments in data protection legislation, regulation, litigation, and enforcement for privacy professionals responsible for ensuring effective organizational data privacy compliance.
Cleared by the Assembly Privacy Committee on June 24 and the full Senate on May 28, SB-446 would add specific deadlines to the state’s data-breach notification law (see 2506250011 and 2504020055).
California’s current law doesn’t specify deadlines for notifications. However, the bill by Sen. Melissa Hurtado (D) would require disclosures to California residents within 30 days of the company finding out a breach has occurred, plus a notice to the state attorney general within 15 days of the company notifying affected consumers.