As I once heard a lawyer explain, laws, regulation, compliance are mostly like software: created by hardworking individuals to be as accurate, fair and efficient as possible. She mentioned that the primary difference compared to software development is feedback from compiler, automated tests, telemetry, user feedback, etc.
So, complying to CCPA,GDPR,SOC2,PCI,HITrust is like running on your code 5 different platforms, none of which were tested during construction.
So, complying to CCPA,GDPR,SOC2,PCI,HITrust is like running on your code 5 different platforms, none of which were tested during construction.