Administrative adjudication: governing procedure.
Requires prompt breach notices to California residents when unencrypted personal data is compromised, with flexible methods and possible delays for investigations.
Requires prompt breach notices to California residents when unencrypted personal data is compromised, with flexible methods and possible delays for investigations.
SB 1386, from the 2025-2026 California session, addresses notification requirements when there is a breach of the security of personal data. The bill focuses on who must notify, what constitutes personal information, acceptable notice methods, and circumstances that allow delayed or substitute notices. It builds on existing California privacy and data security laws by clarifying definitions and procedures related to breach notifications for entities that own or license computerized data containing personal information.
Note: This summary focuses on statutory provisions as described in the bill text and action history. For enforcement details, thresholds, and any amendments, refer to the official bill language and legislative analyses.
Compiled from official sources — confirm details with the bill’s official record.
Sign in to ask a question.