California is changing its Information Practices Act of 1977 to expand the definition of personal information with additional identifiers, including biometric data of those affected. The amendment comes with new instructions on how to notify affected parties by a breach.
The California Legislative Information website describes how the existing law defines and regulates the use of personal information by public agencies and businesses as follows:
“The Information Practices Act of 1977 requires a public agency, as defined, that owns or licenses computerized data that includes personal information to disclose any breach of the security of the system following discovery or notification of the breach, as specified.
Comments are closed.
