Hunton Privacy

DECEMBER 29, 2011

On December 13, 2011, the Information Commissioner issued updated guidance on compliance with recent changes to UK law governing the use of cookies ( The Privacy and Electronic Communications (EC Directive) (Amendment) Regulations 2011 (“Regulations”)). The revised law mandates prior opt-in consent for cookies.

Compliance 40

Compliance Computer and Electronics Privacy Communications 40

IT Governance

JULY 5, 2018

of the SRA Code of Conduct 2011. IT Governance is at the forefront of helping organisations address the challenges of GDPR compliance. Worse fines if the GDPR had been in effect. Visit our professional services sector web pages for further details.

GDPR 45

GDPR Compliance Personal data Data breaches 45

Data Matters

JUNE 24, 2021

3 The SEC and its staff followed the September 2017 statement with various cybersecurity-related initiatives and guidance, including January 27, 2020, cybersecurity guidance and observations published by the SEC’s Division of Examinations (formerly Office of Compliance Inspections and Examinations). 14, 2011). 14, 2011).

Cybersecurity 68

Cybersecurity Financial Services Risk Compliance 68

eSecurity Planet

MARCH 14, 2021

NAC can set policies for resource, role, device and location-based access and enforce security compliance with security and patch management policies, among other controls. This solution is popular among education and healthcare in part due to its focus on maintaining regulatory compliance. Regulatory compliance.

Access 127

Access Compliance Authentication Education 127

DLA Piper Privacy Matters

JULY 29, 2020

1 Referring in this regard to the CJEU’s judgement in case C-509/09 and C-161/10 of 25 October 2011 (eDate Advertising) regarding infringement of a personality right and the victim’s main center of interests being the best place to assess such infringement. 2 [link].

GDPR 75

GDPR Compliance IT Privacy 75

Hunton Privacy

OCTOBER 18, 2022

The ICO published its current Employment Practices Code in 2011. In addition, the ICO has published an impact scoping document , which outlines some of the context and potential impacts of the Draft Guidance (“Impact Scoping Document”).

GDPR 58

GDPR Personal data Compliance Access 58

Thales Cloud Protection & Licensing

JUNE 19, 2023

New Subscriber Private Key Protection Requirements To ensure compliance with these new CA/B Forum code signing requirements, certificate authorities (CA) must use one of the following to securely store and generate their keys: 1. Hardware crypto module meeting the specified requirement 2.

Cloud 62

Cloud Compliance Risk Marketing 62

HL Chronicle of Data Protection

MARCH 19, 2018

The Commission’s release follows shorter cybersecurity “disclosure guidance” issued in 2011 by the staff of the SEC’s Division of Corporation Finance. The Commission’s release addresses many of the matters raised in the staff’s guidance, while expanding the discussion to cover additional disclosure and compliance considerations.

Cybersecurity 40

Cybersecurity Risk Data breaches Compliance 40

Thales Cloud Protection & Licensing

MARCH 29, 2023

First observed in 2011, the holiday stresses the importance of having extra copies of data in case of an attack or accident. All of these can be considered best practices to secure your private data, and comply with various compliance mandates.

Encryption 71

Encryption Passwords Ransomware Privacy 71

Hunton Privacy

MARCH 22, 2016

Phase 1 of the HIPAA Audit Program ran from 2011-2012 and produced several notable findings, including that two-thirds of covered entities had not performed a risk assessment as required by the HIPAA Security Rule. Phase 2 will launch with desk audits of covered entities.

Compliance 45

Compliance Privacy Risk Security 45

IT Governance

APRIL 5, 2018

There are three widely recognised frameworks that are associated with IT governance, each of which has significant strengths: ITIL ® is a library of best-practice processes for IT service management and is supported by ISO/IEC 20000:2011. The increase in compliance requirements of information- and privacy-related regulation.

Government 53

Government IT Compliance Information Security 53

Hunton Privacy

OCTOBER 5, 2011

On September 29, 2011, the German federal and state data protection authorities (“DPAs”) issued a resolution on cloud computing and compliance with data protection law. In addition, the DPA working groups for technology and media have released a guidance paper on cloud computing that provides more detail on data protection compliance.

Paper 40

Paper Cloud Compliance Information Security 40

eSecurity Planet

JUNE 14, 2022

Since its founding in 2011, Devo Technology has raised over $500 million. What he found were major challenges with security, governance and compliance. Devo Technology. In June, Devo Technology announced a Series F funding for $100 million at a $2 billion valuation. The lead investor on the deal was Eurazeo.

Cybersecurity 125

Cybersecurity Cloud Marketing Digital transformation 125

Hunton Privacy

MARCH 25, 2020

The Report emphasizes that existing law—including the Spanish Organic Law 3/1986 of April 14 1986 on Special Measures in Public Health Matters (as modified by Spanish Royal Decree-Law 6/2020, of March 10, 2020) or Spanish General Public Health Law 33/2011 of October 4, 2011—provides necessary legal measures to deal with health risk situations.

Personal data 75

Personal data GDPR Risk Insurance 75

Hanzo Learning Center

FEBRUARY 28, 2018

In 2011, the European Commission began revising MiFID -- ultimately arriving at MiFID II , which didn’t actually arrive in the form of implementation until January of this year.

Marketing 44

Marketing Compliance 44

Hunton Privacy

JANUARY 25, 2017

In 2011, MAPFRE, which underwrites group health insurance plans, submitted a breach report to OCR indicating that it had suffered a breach when a USB data storage device was stolen from the company’s IT Department. submit annual compliance reports for a period of three years.

Security awareness 40

Security awareness Insurance Risk Compliance 40

Hunton Privacy

OCTOBER 4, 2011

On September 22, 2011, new provisions under the French Data Protection Authority’s (“CNIL’s”) internal regulation ( Délibération n°2011-249 du 8 septembre 2011 ) came into force. Decisions will be made during the CNIL’s plenary sessions and communicated to applicants within eight days.

Privacy 40

Privacy Compliance Personal data Communications 40

Data Matters

FEBRUARY 19, 2018

On February 7, 2018, the SEC’s Office of Compliance Inspections and Examinations (OCIE) released its 2018 National Exam Program Examination Priorities (2018 Exam Priorities) and, once again, identified cybersecurity as one of its main areas of focus. According to OCIE, each of its examination programs will prioritize cybersecurity.

Cybersecurity 60

Cybersecurity Risk Compliance Marketing 60

Hunton Privacy

NOVEMBER 17, 2016

FINRA alleged that when LFS began storing records on cloud-based servers in 2011, LFS failed to ensure that the third-party vendor retained to configure the cloud system properly installed antivirus software or data encryption for the confidential information, and that this failure led to the 2012 hack.

Cloud 56

Cloud Encryption Cybersecurity Security 56

Hunton Privacy

NOVEMBER 9, 2011

On November 4, 2011, Law360 interviewed Lisa J. In a question and answer session, Sotto discussed the challenges of working with multinational companies on compliance with privacy laws, and addressed questions related to her practice and career. Read the full interview.

Privacy 40

Privacy Compliance Security Information Security 40

Hunton Privacy

JULY 8, 2011

On June 7, 2011, the Department of Health and Human Services (“HHS”) announced a resolution agreement and $865,500 settlement with the University of California at Los Angeles Health System (“UCLA Health System”) for violations of the HIPAA Privacy and Security Rules.

Privacy 40

Privacy Compliance Access Risk 40

Hunton Privacy

DECEMBER 18, 2012

On December 18, 2012, the Information Commissioner’s Office (“ICO”) released an enforcement report (the “Report”) on the extent of compliance with recent changes to UK law governing the use of cookies ( The Privacy and Electronic Communications (EC Directive) (Amendment) Regulations 2011 ).

Compliance 40

Compliance Communications Marketing Privacy 40

Hunton Privacy

APRIL 7, 2011

On April 6, 2011, the European Commission formally requested that Germany immediately comply with a March 9, 2010 judgment (C-518/07) by the European Court of Justice (the “Court”) concerning the independence of German data protection authorities (“DPAs”).

Compliance 40

Compliance Government Risk IT 40

Security Affairs

SEPTEMBER 28, 2022

Beyond the technological aspects, another compendium of Cloud Security Alliance (The State of Cloud Security Risk, Compliance, and Misconfigurations, 2022) states that the lack of knowledge and expertise are well-known issues within the information security industry. Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

Cloud 98

Cloud Security Metadata Data breaches 98

Hunton Privacy

JANUARY 3, 2013

On December 19, 2012, the Irish Data Protection Commissioner (“DPC”) wrote to 80 website operators requesting details regarding how they are complying with recent changes to Irish law governing the use of cookies and other similar technologies ( SI 336/ 2011 , the “Regulations”).

Compliance 40

Compliance Government Access IT 40

Hunton Privacy

MAY 27, 2011

On June 6, 2011, join Hunton & Williams for a panel discussion on the implementation of the new EU Cookie Law in the UK, France, Germany and the Netherlands. What are organizations doing to ensure compliance with the new cookie law? Learn about cookie compliance in France, Germany and the Netherlands.

Compliance 40

Compliance Marketing Privacy 40

Hunton Privacy

JULY 6, 2011

As reported in BNA’s Privacy Law Watch , on July 2, 2011, Peruvian President Alan García signed the Personal Data Protection Law ( Ley de Protección de Datos Personales, Ley No. As we reported in a previous post, the Personal Data Protection Law passed the Congress of the Republic of Peru on June 7, 2011.

Personal data 40

Personal data Privacy Compliance Information Security 40

The Texas Record

MAY 31, 2019

Jerry Sorrells, Records Management Officer for the Texas State Technical College System, and Benito Ybarra, Chief Audit and Compliance Officer for the Texas Department of Transportation, were kind enough to answer some questions about how the audit process works in their respective agencies. How are audits done in your agency?

Records Management 75

Records Management Compliance Risk Education 75

Hunton Privacy

MARCH 11, 2011

In a speech at the ICO’s annual Data Protection Officers’ conference on March 8, 2011, the UK Information Commissioner, Christopher Graham, said that businesses running websites in the UK must “wake up” to the fact that the changes are happening and to start thinking about how to achieve compliance with the new requirements.

Computer and Electronics 40

Computer and Electronics Compliance Communications Government 40

Hunton Privacy

NOVEMBER 2, 2011

Simpson for his inclusion in Super Lawyers New York Rising Stars 2011. His practice focuses on complex privacy and data security matters, including assisting clients with the remediation of large-scale data security incidents and compliance with federal, state and international privacy and data security requirements.

Privacy 40

Privacy Compliance Security 40

Hunton Privacy

SEPTEMBER 16, 2011

On September 14, 2011, the Article 29 Working Party (the “Working Party”) met with representatives of the European Advertising Standards Alliance (“EASA”) and IAB Europe , to discuss the industry’s new self-regulatory code of conduct for online behavioral advertising (the “Code”), which was released on April 14, 2011.

Privacy 40

Privacy Compliance IT Marketing 40

Hunton Privacy

DECEMBER 16, 2011

On November 30, 2011, Tracy Kitten, Managing Editor of BankInfoSecurity , interviewed Lisa J. Discussing how data breaches can be game changers for organizations that suffer major incidents, Sotto emphasized that companies need to consider both the legal compliance issues involved with data breaches and potential reputational risks.

Data breaches 40

Data breaches Compliance Privacy Risk 40

Hunton Privacy

JUNE 25, 2013

Bellamy is a renowned privacy professional with more than 20 years of experience and deep knowledge of global data privacy and cybersecurity law, compliance and policy. She has a proven industry record in designing strategy, and building and managing data privacy compliance programs.

Data Privacy 40

Data Privacy Privacy Compliance Big data 40

Hunton Privacy

MARCH 27, 2012

MPI”), a property management firm, executed an Assurance of Discontinuance and agreed to pay $15,000 in civil penalties following an October 2011 theft of an unencrypted company-issued laptop. auditing compliance with the company’s written information security program at least once a year.

Encryption 40

Encryption Information Security Compliance Security 40

Hunton Privacy

MARCH 31, 2011

A new French law containing several key amendments to the French Data Protection Act and creating a new public authority referred to as the “ Defender of Rights ” ( Loi n°2011-334 du 29 mars 2011 relative au Défenseur des droits , or the “Law”) came into effect on March 30, 2011.

Compliance 40

Compliance Communications IT Security 40

Hunton Privacy

MAY 29, 2012

The Guidance offers merchants practical advice for partnering with a Point-to-Point Encryption (“P2PE”) solution provider and satisfying their PCI Data Security Standard compliance requirements in the context of mobile payment acceptance. In June 2011 , we reported on the PCI SSC’s cloud compliance guidelines.

Encryption 40

Encryption Security Compliance Cloud 40

IT Governance

JUNE 20, 2019

In fact, it’s probably not been to the required standard since 2011.] The organisation has often said it will be lenient towards organisations that can prove they are working towards compliance. gdpr #pecr pic.twitter.com/aIFuO0kR4e. Adam Rose (@adam_rose) 16 June 2019. In that regard at least, the ICO is practising what it preaches.

GDPR 55

GDPR IT Personal data Compliance 55