2003, GDPR and Security - Information Management Today

Security Compliance & Data Privacy Regulations

eSecurity Planet

AUGUST 9, 2022

Regulatory compliance and data privacy issues have long been an IT security nightmare. And since the EU’s General Data Protection Regulation (GDPR) took effect May 25, 2018, IT compliance issues have been at the forefront of corporate concerns. GDPR-style data privacy laws came to the U.S. PIPL Raises the Bar – And the Stakes.

Data Privacy

Data Privacy Compliance Privacy Security

GDPR: lawful bases for processing, with examples

IT Governance

MARCH 13, 2020

Under the EU GDPR (General Data Protection Regulation) , you need to identify a lawful basis before processing personal data. Lawfulness of processing under the GDPR. And, as ever with the GDPR, it’s your record-keeping that will prove essential. First published June 2018. Last updated March 2020. Legal obligations.

GDPR

GDPR Personal data Compliance Marketing

Britain’s information commissioner fines British Airways for 2018 Hack

Security Affairs

OCTOBER 16, 2020

The ICO fined the airline because the company failed in implementing adequate security measures, the company detected the security breach to months later the initial compromise. People entrusted their personal details to BA and BA failed to take adequate measures to keep those details secure.” ” concludes the ICO.

GDPR

GDPR Personal data Data breaches Communications

Webinars

Generative AI Deep Dive: Advancing from Proof of Concept to Production

MORE WEBINARS

GDPR: lawful bases for processing, with examples

IT Governance

JUNE 15, 2018

What is a lawful basis for processing under the GDPR? Like the Data Protection Act 1998 (DPA 1998) that it superseded, the General Data Protection Regulation (GDPR) sets out six lawful bases for processing personal data. Lawful processing under the GDPR. Do you always need individuals’ consent to process their data?

GDPR

GDPR Personal data Compliance Privacy

GDPR Italian Implementing Decree Has Been Published

HL Chronicle of Data Protection

SEPTEMBER 14, 2018

101 of 10 August 2018 (the “Decree”) for the national implementation of General Data Protection Regulation (EU) 2016/679 (the “GDPR”) has been published in the Official Journal. Below, a brief summary of the most relevant provisions: PROVISIONS WHICH INTEGRATE THE GDPR. On 4 September, the Legislative Decree no.

GDPR

GDPR Personal data Privacy Communications

Weekly podcast: Yahoo hacker sentenced, acoustic DoS attack and GDPR compliance fails

IT Governance

JUNE 1, 2018

Finally, a week into the GDPR’s application, a number of organisations have been in the news after their efforts to comply with the new law went awry. It will be reporting the incident, as mandated by the GDPR.

GDPR

GDPR Compliance Computer and Electronics Data breaches

New Data Protection-Friendly eCommercial Model Clinical Trial Agreements Now Available

HL Chronicle of Data Protection

MAY 19, 2020

Despite their intention, requests for changes to the mCTAs had been notably increasing over the past few years, primarily due to the outdated data protection provisions in the templates which did not fully take into account the application of the General Data Protection Regulation (GDPR) and the UK Data Protection Act 2018 (DPA).

GDPR

GDPR Personal data Healthcare Data breaches

Brexit: Final arrangements for 1 January and future EU-U.K. data transfers

DLA Piper Privacy Matters

DECEMBER 30, 2020

UK data protection law has historically been governed by the General Data Protection Regulation (GDPR), which came into effect across all EU member states (including the UK) on 25 May 2018. The GDPR created a harmonised legal framework regulating the way in which personal data is collected, used and shared throughout the EU.

GDPR

GDPR Personal data Privacy Compliance

UK: New Data Protection and Digital Information Bill

DLA Piper Privacy Matters

JULY 20, 2022

By amending the UK GDPR, the Data Protection Act 2018 (“ DPA 2018” ) and the Privacy and Electronic Communications Regulations 2003 ( “PECR” ), the Bill realises the Government’s ambition to recalibrate its approach to data protection and privacy following the UK’s withdrawal from the EU. Definitions. International transfers.

GDPR

GDPR Personal data Compliance Privacy

Can healthcare organisations address their challenges with a single cyber resilience plan?

IT Governance

JANUARY 26, 2018

Cyber criminals are not the only threat to information security in healthcare. This highlights the need for organisations to implement a robust staff training programme that addresses individual responsibility for data security. Compliance obligations. 2018 sees changes to the compliance obligations facing healthcare organisations.

GDPR

GDPR Data breaches Compliance Government

German Federal Parliament Passes New German Data Protection Act

Hunton Privacy

APRIL 28, 2017

On April 27, 2017, the German Federal Parliament adopted the new German Federal Data Protection Act ( Bundesdatenschutzgesetz ) (“new BDSG”) to replace the existing Federal Data Protection Act of 2003. The GDPR allows for certain EU Member State deviations from the text of the GDPR.

GDPR

GDPR Personal data Information Security Security

UK: New Data Protection and Digital Information Bill

DLA Piper Privacy Matters

MARCH 9, 2023

We have set out the key changes in the new draft Bill below: Scientific Research Definition : The original draft Bill contained proposals creating a statutory definition of scientific research and statistical purposes, by drawing on the existing recitals under the GDPR.

Personal data

Personal data GDPR Government Risk

Government publishes consultation on post-Brexit data reforms

DLA Piper Privacy Matters

SEPTEMBER 10, 2021

Following Brexit, the UK is now free to develop its own data protection regime and the proposals articulate the Government’s vision for extensive changes to the data protection landscape to secure digital enabled growth, within a strong regulatory environment that upholds trust and confidence. Reform of the Accountability Framework.

Government

Government Paper Personal data GDPR

Best SIEM Tools & Software for 2022

eSecurity Planet

AUGUST 15, 2022

Security Information and Event Management (SIEM) is a crucial enterprise technology that ties the stack of cybersecurity systems together to assess threats and manage risks. ThreatInsight: This security monitoring assessment tool collects logs and gives you insight into your organization’s threats. IBM Security QRadar SIEM.

Analytics

Analytics Cloud Compliance Cybersecurity

Italian National Cybersecurity Perimeter: With great power comes great responsibility!

Privacy and Cybersecurity Law

JUNE 23, 2021

The newly adopted Regulation on notification of security incidents. Classification of security incidents and notifications. Starting from January 1, 2022 [2] , the Operators included in the NCSP will be required to notify incidents to the Inter-ministerial Committee for the Security of the Republic (“ CSIRT ”).

Cybersecurity

Cybersecurity Communications Data breaches Security

Privacy and Cybersecurity Top 10 for 2018

Data Matters

JANUARY 2, 2018

As we begin this New Year, here is list of the top 10 privacy and cybersecurity issues for 2018: EU GDPR. The May 25, 2018 effective date for the EU’s General Data Protection Regulation (GDPR) will no doubt be a central focus of 2018. The GDPR expands the rights of EU individuals and the obligations placed on organizations.

Cybersecurity

Cybersecurity Privacy Data breaches GDPR

UK: The Network and Information Systems Regulations 2018 Enter Into Force Today

DLA Piper Privacy Matters

MAY 10, 2018

The aim of The Network Information Systems Directive 2016 (“ NISD” ) is to encourage cross-border collaboration between EU Member States in order to ensure a joined-up approach to cyber security to protect essential services and critical infrastructure from cyber-attacks. Which Organisations do the Regulations apply to?

GDPR

GDPR Cloud Security Risk

Weekly podcast: BT, Bithumb, Islington Council and World Cup phishing

IT Governance

JUNE 22, 2018

The ICO found that all of the emails were direct marketing, not service messages, and had been sent to recipients without their consent, in contravention of Regulation 22 of the Privacy and Electronic Communications Regulations 2003. Coincidentally, Bithumb upgraded its security system four days before the incident. Keep ‘em peeled.

Phishing

Phishing Compliance Marketing Information Security

Top Cybersecurity Companies for 2021

eSecurity Planet

AUGUST 13, 2021

As the demand for robust security defense grows by the day, the market for cybersecurity technology has exploded, as well as the number of available solutions. Syxsense Secure. Stop breaches with one endpoint security solution. Pre-built templates keep organizations secure without needing large teams and specialists.

Cybersecurity

Cybersecurity Cloud Encryption Marketing

European Commission proposes reinforcement of EU Cybersecurity rules

DLA Piper Privacy Matters

JANUARY 11, 2021

On 16 December 2020, the European Commission adopted a proposal for a Directive on measures for a high common level of cybersecurity across the Union (“NIS II Directive”) that revises the current Directive on Security of Network and Information Systems (“NIS Directive”).

Cybersecurity

Cybersecurity Computer and Electronics Manufacturing Cloud

UK: Personal liability for PECR regulatory fines proposed in Government consultation

DLA Piper Privacy Matters

MAY 31, 2018

PECR sits alongside the Data Protection Act 2018 and the GDPR and provide data subjects with specific privacy rights in relation to electronic communications. There are specific rules on: • marketing calls, emails, texts and faxes; • cookies (and similar technologies); • keeping communications services secure; and. Background.

Government

Government Marketing Communications Privacy

US: The CCPA ‘Moving Target’ One Month Before Privacy Enforcement Begins

DLA Piper Privacy Matters

JUNE 18, 2020

In 2003, Congress rushed to pass the Controlling the Assault of Non-Solicited Pornography And Marketing Act (CAN-SPAM Act) in order to preempt a California class action enforcement spam law before it took effect. Sampling completed as of June 1 suggests that CPRA signature validity will be sufficient to put the initiative on the ballot.

Privacy

Privacy Compliance Sales Risk

eDiscovery for the Rest of Us: eDiscovery Best Practices, Part Two

eDiscovery Daily

MAY 16, 2018

Tom has also written several terrific informational overview series for CloudNine, including eDiscovery and the GDPR: Ready or Not, Here it Comes (which we covered as a webcast ), Understanding eDiscovery in Criminal Cases (which we also covered as a webcast ), ALSP – Not Just Your Daddy’s LPO and Why Is TAR Like a Bag of M&M’s?

e-Discovery

e-Discovery Computer and Electronics Metadata Paper

UK: How real is the threat of data protection group litigation in the UK?

DLA Piper Privacy Matters

NOVEMBER 6, 2018

In cases arising under the DPA 1998 and the related Privacy and Electronic Communications Regulations 2003, it was fairly common for organisations to pay hundreds and sometimes low thousands of pounds in relation to spam email and text. Some of these claims have rightly been criticised as sales patter and scaremongering.

Insurance

Insurance Data breaches Personal data GDPR

Information Management Today

Security Compliance & Data Privacy Regulations

GDPR: lawful bases for processing, with examples

Webinars

Trending Sources

Britain’s information commissioner fines British Airways for 2018 Hack

Webinars

GDPR: lawful bases for processing, with examples

GDPR Italian Implementing Decree Has Been Published

Weekly podcast: Yahoo hacker sentenced, acoustic DoS attack and GDPR compliance fails

New Data Protection-Friendly eCommercial Model Clinical Trial Agreements Now Available

Brexit: Final arrangements for 1 January and future EU-U.K. data transfers

UK: New Data Protection and Digital Information Bill

Can healthcare organisations address their challenges with a single cyber resilience plan?

German Federal Parliament Passes New German Data Protection Act

UK: New Data Protection and Digital Information Bill

Government publishes consultation on post-Brexit data reforms

Best SIEM Tools & Software for 2022

Italian National Cybersecurity Perimeter: With great power comes great responsibility!

Privacy and Cybersecurity Top 10 for 2018

UK: The Network and Information Systems Regulations 2018 Enter Into Force Today

Weekly podcast: BT, Bithumb, Islington Council and World Cup phishing

Top Cybersecurity Companies for 2021

European Commission proposes reinforcement of EU Cybersecurity rules

UK: Personal liability for PECR regulatory fines proposed in Government consultation

US: The CCPA ‘Moving Target’ One Month Before Privacy Enforcement Begins

eDiscovery for the Rest of Us: eDiscovery Best Practices, Part Two

UK: How real is the threat of data protection group litigation in the UK?

Stay Connected