Privacy Huddle: A Data Privacy & AI Governance Podcast
Privacy Huddle: A Data Privacy & AI Governance Podcast
Colleen Barry
Ep. 81 - CPPA rulemaking: assessments, cybersecurity & ADMT change
14 minutes Posted Feb 3, 2026 at 4:00 pm.
0:00
14:13
Download MP3
Show notes

In the latest episode of Privacy Huddle, Colleen Barry sits down with privacy expert Jenny Lynn Sheridan (CIPP-EU, CIPP-US, AIGP) to explore the California Privacy Protection Agency’s (CPPA) evolving rulemaking. Part one of this two-part series dives into key takeaways from recent CPPA board meetings, with a focus on upcoming risk assessment requirements under CCPA/CPRA. Jenny outlines the types of business activities that will trigger mandatory assessments—including selling or sharing personal information, processing sensitive data, using automated decision-making technology (ADMT) for significant decisions, profiling in employment or education contexts, using location-based profiling, and training ADMT with consumer data. Watch the episode to stay ahead on compliance, and don’t miss part two, where cybersecurity audits and ADMT will be covered in more depth.