2026年1月1日生效的新加利福尼亚州隐私法要求企业更严格地处理数据、进行风险评估和透明度。 New California privacy laws, effective Jan. 1, 2026, require stricter data handling, risk assessments, and transparency for businesses.

自2026年1月1日起,根据CCPA和CPRA更新的加利福尼亚州隐私条例生效,扩大了对处理加利福尼亚居民数据的企业的合规要求。 As of January 1, 2026, updated California privacy regulations under the CCPA and CPRA took effect, expanding compliance requirements for businesses handling California residents’ data. 在开展某些数据活动之前进行新的规则授权风险评估,进行符合NIST标准的年度网络安全审计,提高自动化决策技术的透明度。 New rules mandate risk assessments before certain data activities, annual cybersecurity audits aligned with NIST standards, and enhanced transparency around automated decision-making technologies. 企业还必须为此类系统提供退出权,更新隐私通知,并加强对健康和生物鉴别信息等敏感数据的保障。 Businesses must also provide opt-out rights for such systems, update privacy notices, and strengthen safeguards for sensitive data like health and biometric information. 这些变化适用于达到收入、数据量或销售阈值的企业,而不论地点。 The changes apply to businesses meeting revenue, data volume, or sales thresholds, regardless of location. 虽然有些最后期限延长到2028年,但敦促各公司现在就着手遵守规定。 While some deadlines extend to 2028, companies are urged to begin compliance efforts now.