• Skip to main content
  • Skip to primary sidebar

Information Security Management ResourceKit

A Public Service of SecureTheVillage

  • Home
  • Return to SecureTheVillage

California Consumer Privacy Act (CCPA)

Webinar: The California Consumer Privacy Act (CCPA), Part 1: Law and Risk Management

Webinar: The California Consumer Privacy Act (CCPA), Part 1: Law and Risk Management

Webinar Deck (PDF): The California Consumer Privacy Act (CCPA), Part 1: Law and Risk Management

April 4, 2019: Stan’s Guests: Tim Toohey, Esq.Greenberg Glusker Fields Claman & Machtinger LLP, Robert Braun Esq., Jeffer Mangels Butler & Mitchell Tom Peistrup, Esq., General Counsel, InStyler / Tre Milano, SecureTheVillage Board of Directors, and Howard Miller, CRM, CRC, Vice President, Director Technology Division, LBW Insurance & Financial Services, Inc., SecureTheVillage Board of Directors

Webinar: The California Consumer Privacy Act (CCPA), Part 2: Managing Data Privacy

Webinar: The California Consumer Privacy Act (CCPA), Part 2: Managing Data Privacy

Webinar Deck (PDF): The California Consumer Privacy Act (CCPA), Part 2: Managing Data Privacy

May 2, 2019: Stan’s Guests: Ilanna Bavli, Eleven/11 Counsel & Strategy, David Grazer, CIPP

Webinar: The California Consumer Privacy Act (CCPA), Part 3: Minimum Reasonable Security Practices

Webinar: The California Consumer Privacy Act (CCPA), Part 3: Minimum Reasonable Security Practices

Webinar Deck (PDF): The California Consumer Privacy Act (CCPA), Part 3: Minimum Reasonable Security Practices

June 6, 2019: Stan’s Guest: Rachel Capoccia, Partner, Jeffer Mangels Butler & Mitchell

SecureTheVillage Minimum Reasonable Security Practices

Recommendation to Attorney General Becerra to adopt Minimum Reasonable Information Security Management Practices as a floor on reasonableness, December 3, 2019.

SecureTheVillage believes the security practices described here are a minimum set of security practices that a company (subject to CCPA) must implement and maintain for it to claim that it has reasonable security procedures and practices. The security practices described are designed to be a floor: If you are not doing these things, then you do not have reasonable security procedures and practices.

SecureTheVillage is providing these Minimum Reasonable Security Practices to the community as a public service.

  • To serve as a straw man in community dialogue over what might constitute reasonable security practices and what might not
  • As a baseline for companies to use in designing their own security procedures and practices
  • As a guide for attorneys to use in advising their clients on managing the legal risks of CCPA
  • As a guide for insurance providers needing to assess the security reasonableness of policy holders
  • As a guide to financial institutions in evaluating their exposure to a client’s security incident

Webinar: How Simple Changes to Your Contracts Can Mitigate Risk Under the CCPA

Webinar: How Simple Changes to Your Contracts Can Mitigate Risk Under the CCPA

Webinar Deck (PDF): How Simple Changes to Your Contracts Can Mitigate Risk Under the CCPA

March 12, 2020: Stan’s Guests: Matthew Seror, Shareholder, Buchalter, and Weiss Hamid, Associate, Buchalter

External Resources

California Attorney General Issues Proposed Regulations For California Consumer Privacy Act (CCPA), Tim Toohey,Esq., SecureTheVillage Leadership Council
California’s Consumer Privacy Act: Implications for Counsel and Clients, Tim Toohey,Esq., SecureTheVillage Leadership Council
Complying with the California Consumer Privacy Act in 5 (more or less) Not So Easy Steps: Part 1 – the Data Map, Robert Braun, Esq., SecureTheVillage Leadership Council
Defendable Information Security Procedures and Practices: Preparing for the California Consumer Privacy Act (CCPA), Stan Stahl, SecureTheVillage President and President, Citadel Information Group

Primary Sidebar

Resources Areas

  • Cyber Threats
    • Ransomware
    • Online Bank Fraud
  • Information Security Management / Leadership
  • Information Security Policies and Standards
  • Information Security Risk Assessment
  • Information Classification and Control
  • Securing the Human
  • Third-Party Security Management
  • Managing Security of the IT Infrastructure
  • Legal & Related
    • Basic Cyber Laws
    • Payment Card Industry Data Security Standard (PCI DSS)
    • General Data Protection Regulation (GDPR)
    • California Consumer Privacy Act (CCPA)
    • Cybersecurity Maturity Model Certification (CMMC)
  • Getting Cyber-Prepared: Incident Response & Business Continuity
  • Managing Cyber-Risk and Insurance
  • Personal Cybersecurity
  • Cyber Freedom

Copyright © 2023 · SecureTheVillage