In January of 2005, the state also passed the California Security of Information Law, which specifies businesses must ensure that personal information (defined by statute as name, driver license, Social Security Number, and any financial account numbers including credit cards) is properly protected. Although certain sections of this law has been preempted by federal information security regulations (under HIPAA, Gramm-Leach-Bliley Act, Fair and Accurate Credit Transactions Act, etc…), much of it is still in effect. In addition, Cal. Civ. Code § 1798.81.5, mandates that companies mandate appropriate security measures to protect personal information from unauthorized disclosure. California also has more stringent requirements about the disclosure of information to direct marketers and, pursuant to Cal. Civ. Code § 1798.81.5, requires specific provisions in contracts between companies and thirds parties where private personal information will be communicated to a third party.
Furthermore, under Cal. Civ. Code § 1798.82, companies are liable for security breaches that occur as a result of third party service providers. Business must promptly notify California residents when their personal information was potentially compromised, whether or not they have any actual liability for the breach. Required disclosures for when breaches occur included specific information about the type of breach that occurred and the timing of the breach. The state has assembly has since softened the notice requirement by allowing an entity to provide substitute notice by posting information about the breach on the company’s website. This measure has significantly reduced the cost of notice for startups and small businesses, but the cost of assessing the breach and what specific information was compromised still remains. California was also the first state to establish a centralized method of reporting, recording and cataloging security breaches.
 Richard Raysman and Peter Brown, Computer Law: Drafting and Negotiating Forms, CLDNF § 15.02 (2009).
 Jeffrey D. Neuburger, Technology, The Internet and Electronic Commerce: Staying Interactive in the High-Tech Environment, A Summary of Recent Developments in the Law. 927 PLI/Pat 699, (February-April 2008)
 Cal. Civ. Code §1798.83 et seq.
Our best stuff: secrets, tax saving tools, and tax defense strategies from the braintrust at Brotman Law.
These ten big ideas will change the way you think about your taxes and your business.
Find the articles and videos you need to make the right tax decisions in the learning center.
It is not just about what we do, but who we are, why we do it, and how that benefits you.
Meet with us to outline your strategy. No further obligation, 100% money-back guarantee.
IRS Circular 230 Disclosure: To ensure compliance with requirements imposed by the IRS, I must inform you that any U.S. federal tax advice contained in this website is not intended or written to be used, and cannot be used, for the purpose of (i) avoiding penalties under the Internal Revenue Code or (ii) promoting, marketing or recommending to another party any transaction or matter contained in this website.