Analysis, Examples, Exercises and Government - Information Management Today

UK GDPR Reform: government publishes response to consultation – likely to form basis of forthcoming UK Data Reform Bill

Data Protection Report

JUNE 22, 2022

UK GDPR Reform: government publishes response to consultation – likely to form basis of forthcoming UK Data Reform Bill. The Department for Culture, Media and Sport (DCMS) has finally published the UK government’s long-awaited response to the consultation on the future of the UK data protection regime. Reform of Article 22.

GDPR

GDPR Government Personal data Risk

U.S. Government White Paper to Help Companies Address the EU’s National Security Concerns in Schrems II

Data Matters

SEPTEMBER 30, 2020

government released a “White Paper” addressing how U.S. law and practice relating to government access to data for national security purposes,” especially as that information bears on “issues that appear to have concerned the ECJ in Schrems II ” and as it “may bear on many companies’ analyses” of how their reliance on SCCs conforms to EU law.

Paper

Paper Government Security Privacy

Data governance for data privacy

Collibra

MAY 5, 2020

Organizations are receiving floods of new data to leverage for analysis and insights. They need data governance. . They need data governance. What does data governance do? Governance delivers the context, relationships, lineage, and access data citizens need to make decisions around data. No organization is immune.

Data Privacy

Data Privacy Government Privacy Compliance

Webinars

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

MORE WEBINARS

NYDFS Proposes Updated Second Amendment to Its Cybersecurity Regulation

Hunton Privacy

JULY 5, 2023

NYDFS clarified that where a cybersecurity program or part of a cybersecurity program is adopted from an affiliate, the “senior governing body” ( e.g. , a board or equivalent governing body) may be that of the affiliate. As described below, senior governing bodies would have new oversight responsibilities under the amendments.

Cybersecurity

Cybersecurity IT Compliance Financial Services

Hackers Use RMM Software to Breach Federal Agencies

eSecurity Planet

JANUARY 27, 2023

Cybersecurity and Infrastructure Security Agency (CISA), the National Security Agency (NSA), and the Multi-State Information Sharing and Analysis Center (MS-ISAC). “Another example of illegitimate activity is when someone deploys the RMM agent on, say, 100 endpoints in 100 different AD domains.”

Phishing

Phishing Data Privacy Cybersecurity Access

UK Consults on Algorithmic Processing

Data Matters

JUNE 13, 2022

More than ever, a ‘joined up’ approach is required to assess them, and the UK’s main regulators are working together to try to formulate a coherent policy, setting an interesting example that could be a template for global approaches to digital regulation. This can result in difficulties in people exercising their rights (e.g.,

Paper

Paper Communications Risk Marketing

Free resources to help you prevent and respond to data breaches

IT Governance

SEPTEMBER 20, 2018

This blog outlines some of the free resources IT Governance offers to help organisations prevent, prepare for and respond to data breaches. Conducting a Data Flow Mapping Exercise Under the GDPR : Data mapping is an essential part of information security, helping organisations discover where information is held and which areas are vulnerable.

Data breaches

Data breaches GDPR Security awareness Paper

New SEC Cybersecurity Rules Could Affect Private Companies Too

eSecurity Planet

SEPTEMBER 23, 2022

For example, in the Enron financial fraud, executives and board members claimed ignorance or that they could not understand the financial maneuvering of Enron’s CFO (chief financial officer). See the top Governance, Risk & Compliance (GRC) tools. SOX: Consequences. Proposed SEC Security Changes. In fact, the U.S.

Cybersecurity

Cybersecurity Compliance Risk Communications

Business Architecture and Process Modeling for Digital Transformation

erwin

JULY 11, 2019

Fidelity International is an example of a successful digital transformation adopter and innovator. This analysis also needs to span multiple departments, extending beyond business and process architecture to IT, compliance and even HR and legal. Innovate or die is another adage that holds truer than ever before.

Digital transformation

Digital transformation Information capture Compliance Financial Services

Insights about the first five years of Right to be Forgotten requests at Google

Elie

DECEMBER 12, 2019

is a landmark European ruling that governs the delisting of personal information from search results. This new data enabled us to conduct a longitudinal analysis of how. Removing legal history comprised 21% of all delisting requests (19% target news sites and 2% government-related sites). Right to be Forgotten” (RTBF).

Privacy

Privacy Paper Government GDPR

How to implement the General Data Protection Regulation (GDPR)

IBM Big Data Hub

FEBRUARY 23, 2024

For example, a business that collects user health data needs stronger protections than one that collects only email addresses. Common responsibilities include overseeing risk assessments, training employees on data protection principles, and working with government authorities.

GDPR

GDPR Compliance Personal data Privacy

Is your organisation equipped for long-term GDPR compliance?

IT Governance

MAY 28, 2019

To make sure you’ve addressed every necessary requirement, you should: Conduct a gap analysis. A GDPR gap analysis involves breaking down the Regulation into a long list of requirements and reviewing your compliance status. It could be a simple tick-box exercise, with the unchecked steps forming the gaps that need to be addressed.

GDPR

GDPR Compliance Personal data Risk

Insights about the first three years of the Right To Be Forgotten requests at Google

Elie

FEBRUARY 26, 2018

The "Right To Be Forgotten" (RTBF) is the landmark European ruling that governs the delisting of personal information from search results. The result of this analysis was published in a. The way the RTBF is exercised through Europe varies by country. For example peoplecheck.de This blog post summarizes our.

Privacy

Privacy Government Paper Access

Understanding the differences between ISO 27001 and ISO 27002

IT Governance

APRIL 2, 2019

To meet these requirements, organisations must: Assemble a project team and initiate the project; Conduct a gap analysis; Scope the ISMS; Initiate high-level policy development; Perform a risk assessment; Select and apply controls; Develop risk documentation; Conduct staff awareness training; Assess, review and conduct an internal audit; and.

Information Security

Information Security Compliance Risk Security

12 Steps to Data Intelligence: Part 1

Collibra

APRIL 22, 2020

For example, oil is hoarded by the few whereas data must be ubiquitous and shared. Of course, the answers can be found in data: There’s a pattern that reveals the reasons for the churn, and analysis that can guide business initiatives to prevent future losses. . For example, what is a Customer? What do they have in common?

Metadata

Metadata Compliance Digital transformation Communications

How to start your career in cyber security

IT Governance

FEBRUARY 25, 2019

Technically, you don’t need any cyber security experience to get started, though many people entering the field will come from jobs that have similar skillsets, such as systems administration or information analysis. There are also plenty of entry-level positions available.

Security

Security Systems administration Information Security Government

What is a Managed Security Service Provider? MSSPs Explained

eSecurity Planet

AUGUST 22, 2023

This article will explore the nature of MSSPs and how they can help businesses, nonprofits, governments, and other organizations have better security with less effort. For example, a monitoring service may offer 24/7/365 monitoring and a 24-hour response time to detected threats.

Security

Security Cybersecurity Cloud Access

10 key areas to identify gaps in your GDPR compliance

IT Governance

APRIL 12, 2018

The newly updated EU GDPR Compliance Gap Assessment Tool identifies ten key areas that your organisation should analyse to establish its current stance against the requirements: Governance – awareness of the leadership team, management and functional management. For example, do you have a GDPR project team?

GDPR

GDPR Compliance Personal data Risk

California Enacts Broad Privacy Laws Modeled on GDPR

Data Matters

JUNE 29, 2018

An analysis of the bill prepared by the California Assembly before the vote also indicated that AB 375 was intended to address controversies concerning third-party sale of personal information acquired from social media without data subjects’ authorization.

GDPR

GDPR Privacy Sales Data breaches

#ModernDataMasters: Mike Evans, Chief Technology Officer

Reltio

MARCH 19, 2019

Mike Evans is CTO and Founder at Comma Group and has spent more than a decade in the business analysis, MDM and data management space. As an aspiring Project Manager, I was asked to work on an analysis project to understand why some recent initiatives weren’t achieving expected results. Prioritise people, process and governance.

MDM

MDM Retail IT Government

EU: Second wave of noyb complaints targets cookie banners

DLA Piper Privacy Matters

JUNE 17, 2021

Pre-ticked boxes on second layer (Type B) – A second type of violation that is targeted by the complaints consists of the use of pre-ticked boxes to obtain consent; for example, in the “manage settings” section of a cookie banner. Noyb states that a person also visits the website to verify the analysis.

GDPR

GDPR Compliance Privacy Communications

CCPA Marches On: California Attorney General Proposes Further Revisions to CCPA Regulations, Industry Pleads for Enforcement Delay Amid COVID-19 Crisis

Data Matters

APRIL 10, 2020

The AG’s revised March 2020 proposed regulations provide an example of how a business may respond to a request to know that may include biometric information. The AG’s revised March 2020 proposed regulations provide an example of how a business may respond to a request to know that may include biometric information.

Privacy

Privacy Sales Insurance Compliance

Incident management vs. problem management: What’s the difference?

IBM Big Data Hub

AUGUST 1, 2023

Organizations try to keep their IT infrastructure in good standing by using IT service management (ITSM) to govern the implementation, delivery and management of services that meet the needs of end users. For example, too many people trying to access a server may cause it to crash, creating an incident your organization needs to fix.

Access

Access Communications Libraries Digital transformation

California Enacts Broad Privacy Protections Modeled on GDPR

Data Matters

JUNE 29, 2018

An analysis of the bill prepared by the California Assembly before the vote also indicated that AB 375 was intended to address controversies concerning third-party sale of personal information acquired from social media without data subjects’ authorization.

GDPR

GDPR Privacy Sales Data breaches

U.S. CLOUD Act and International Privacy

Data Protection Report

AUGUST 1, 2019

made a submission to an Australian Parliamentary enquiry regarding a recent and controversial Australian law relating to telecommunications and government access in Australia (the Telecommunications and Other Legislation Amendment (Assistance and Access) Act 2018). 2523(b)(3)). MLAT.” ( Id. ). at pages 4-5.). At page 6.). at pages 6-7.).

Cloud

Cloud Privacy e-Discovery Personal data

Ireland/EU: Irish DPC bans Meta’s EU-US data flows and issues record €1.2bn fine

DLA Piper Privacy Matters

MAY 23, 2023

In particular, the supplementary measures do not “ provide essentially equivalent protection to EU law against the wide discretion the US Government has to access Meta US users’ personal data via Section 702 FISA (PRISM) requests ”. The final DPC decision reflects that binding determination by the EDPB.

Personal data

Personal data GDPR Risk Privacy

CCPA In-Depth Series: Draft Attorney General Regulations on Verification, Children’s Privacy and Non-Discrimination

Data Matters

OCTOBER 24, 2019

DETAILED ANALYSIS ON VERIFICATION, CHILDREN’S PRIVACY AND NON-DISCRIMINATION. The regulations lay out a number of general principles to govern verification responsibilities. The Attorney General’s proposed regulations are thick with important provisions, and businesses should study the full regulations carefully.

Privacy

Privacy Sales Authentication Passwords

The Hacker Mind Podcast: Cyber Ranges

ForAllSecure

AUGUST 30, 2022

The governments of the world wanted the quick and agile minds of children who could think three dimensional -- and without all that moralizing about killing, you know, space aliens. The flipside is, you create as a good example over here, what happens is somebody's attacking my country. How do I find and go through?

Military

Military Energy and Utilities Government IT

What Should Be The Core Competencies For Cybersecurity For C-Suite

Cyber Info Veritas

JULY 18, 2018

This example, therefore, serves to show you the importance of taking cybersecurity seriously since a cyber attack can terribly damage an organization’s reputation and even lower the quality of the service or product it offers. This exercise should be as practical as possible rather than using a completely theoretical approach.

Cybersecurity

Cybersecurity Ransomware Information Security Risk

A Close Up Look at the Consumer Data Broker Radaris

Krebs on Security

MARCH 8, 2024

government. An analysis of email addresses known to have been used by Mr. Norden shows he is a native Russian man whose real name is Igor Lybarsky (also spelled Lubarsky). government. government levied financial sanctions against Channel One that bar US companies or citizens from doing business with the company.

Privacy

Privacy Data Privacy Government Marketing

What Counts as “Good Faith Security Research?”

Krebs on Security

JUNE 3, 2022

” “Security research not conducted in good faith — for example, for the purpose of discovering security holes in devices, machines, or services in order to extort the owners of such devices, machines, or services — might be called ‘research,’ but is not in good faith.”

Security

Security Computer and Electronics Access Libraries

California Consumer Privacy Act: The Challenge Ahead – Four Key Considerations for Health and Life Sciences Companies

HL Chronicle of Data Protection

OCTOBER 8, 2018

Determining the scope of each of these exemptions and how they apply to a company will require careful analysis. For example, a non-profit research institution that is controlled by a for-profit business and shares common branding or a non-profit charitable subsidiary of a for-profit parent company may be subject to the CCPA.

Privacy

Privacy Healthcare Sales Insurance

EU: Competition policy in the digital era (Part 1)

DLA Piper Privacy Matters

OCTOBER 1, 2019

Undoubtedly, digitisation also gives rise to legitimate concerns of many sorts: is data safe, or even will AI replace human labour for example. This is just one example of the many innuendos that underpin the Report from the beginning to the end, and which any reader should be mindful to identify for the good sake of antitrust rationalism.

Marketing

Marketing Agriculture Artificial Intelligence IT

California Consumer Privacy Act: The Challenge Ahead – Four Key Considerations for Health and Life Sciences Companies

HL Chronicle of Data Protection

OCTOBER 8, 2018

Determining the scope of each of these exemptions and how they apply to a company will require careful analysis. For example, a non-profit research institution that is controlled by a for-profit business and shares common branding or a non-profit charitable subsidiary of a for-profit parent company may be subject to the CCPA.

Privacy

Privacy Healthcare Sales Insurance

California Consumer Privacy Act: The Challenge Ahead – Four Key Considerations for Health and Life Sciences Companies

HL Chronicle of Data Protection

OCTOBER 8, 2018

Determining the scope of each of these exemptions and how they apply to a company will require careful analysis. For example, a non-profit research institution that is controlled by a for-profit business and shares common branding or a non-profit charitable subsidiary of a for-profit parent company may be subject to the CCPA.

Privacy

Privacy Healthcare Sales Insurance

Regulatory Update: NAIC Summer 2020 National Meeting

Data Matters

SEPTEMBER 3, 2020

NAIC staff noted that guidance will also be prepared for the Financial Analysis Handbook , which will include clarifications regarding the confidentiality and purpose of the GCC, and that such guidance will also be exposed for comment. Revisions to Model 440. Impact of XXX/AXXX Reserves on Group Capital Positions.

Insurance

Insurance Paper Artificial Intelligence Big data

The Results Are in: Modest Changes to CCPA Await the Governor’s Signature

HL Chronicle of Data Protection

SEPTEMBER 25, 2019

If a consumer does not have an account, the CCPA prohibits a business from requiring that consumer to create an account as a condition of exercising their rights. The scope of the exception will also need careful analysis to determine what data qualifies for the additional one year compliance period.

Sales

Sales Communications Data breaches Compliance

CCPA In-Depth Series: Draft Attorney General Regulations on Consumer Notice

Data Matters

OCTOBER 22, 2019

In such circumstances, however, before selling the information in question, a business must either give the consumer an opportunity to opt out or obtain a “signed attestation” from the entity that collected the personal information stating that it provided notice at the point of collection to the consumer and include an example of the notice.

Privacy

Privacy Sales Paper Compliance

California Consumer Privacy Act: The Challenge Ahead – A Comparison of 10 Key Aspects of The GDPR and The CCPA

HL Chronicle of Data Protection

OCTOBER 3, 2018

For example, a business can refuse to delete information that is necessary to provide the service, complete a transaction, detect security incidents or fraud, or for “solely internal uses that are reasonably aligned with the expectations of the consumer based on the consumer’s relationship with the business.”.

GDPR

GDPR Privacy Personal data Sales

The Cathay Pacific Breach: Is Data Protection and Cyber Security Law in Hong Kong About to Receive an Upgrade?

HL Chronicle of Data Protection

JUNE 17, 2019

Hong Kong’s past reforms to the PDPO have been “event driven”, the best example being the Octopus Rewards case in 2010, which led to extensive reforms to Hong Kong’s direct marketing controls. DPP 4 Analysis: Data Security. DPP 2 Analysis: Data Retention. A question of class (actions)?

Personal data

Personal data Data breaches Security Compliance

The Burden of Privacy In Discovery

Data Matters

SEPTEMBER 29, 2021

Should privacy be considered a “burden” under the proportionality analysis required by Federal Rule of Civil Procedure Rule 26(b)? 3 As a result, an emerging consensus of courts and commentators has concluded that privacy interests may — and indeed, should — be considered as part of the proportionality analysis required under Rule 26(b)(1).

Privacy

Privacy e-Discovery Computer and Electronics e-Delivery

California Consumer Privacy Act: The Challenge Ahead – A Comparison of 10 Key Aspects of The GDPR and The CCPA

HL Chronicle of Data Protection

OCTOBER 3, 2018

For example, a business can refuse to delete information that is necessary to provide the service, complete a transaction, detect security incidents or fraud, or for “solely internal uses that are reasonably aligned with the expectations of the consumer based on the consumer’s relationship with the business.”.

GDPR

GDPR Privacy Personal data Sales

California Consumer Privacy Act: The Challenge Ahead – A Comparison of 10 Key Aspects of The GDPR and The CCPA

HL Chronicle of Data Protection

OCTOBER 3, 2018

For example, a business can refuse to delete information that is necessary to provide the service, complete a transaction, detect security incidents or fraud, or for “solely internal uses that are reasonably aligned with the expectations of the consumer based on the consumer’s relationship with the business.”.

GDPR

GDPR Privacy Personal data Sales

The debate on the Data Protection Bill in the House of Lords

Data Protector

OCTOBER 11, 2017

Banks must still be allowed to process data to prevent fraud; regulators must still be allowed to process data to investigate malpractice and corruption; sports governing bodies must be allowed to process data to keep the cheats out; and journalists must still be able to investigate scandal and malpractice. change it substantially.

GDPR

GDPR Personal data Government IT

UK GDPR Reform: government publishes response to consultation – likely to form basis of forthcoming UK Data Reform Bill

U.S. Government White Paper to Help Companies Address the EU’s National Security Concerns in Schrems II

Webinars

Trending Sources

Data governance for data privacy

Webinars

NYDFS Proposes Updated Second Amendment to Its Cybersecurity Regulation

Hackers Use RMM Software to Breach Federal Agencies

UK Consults on Algorithmic Processing

Free resources to help you prevent and respond to data breaches

New SEC Cybersecurity Rules Could Affect Private Companies Too

Business Architecture and Process Modeling for Digital Transformation

Insights about the first five years of Right to be Forgotten requests at Google

How to implement the General Data Protection Regulation (GDPR)

Is your organisation equipped for long-term GDPR compliance?

Insights about the first three years of the Right To Be Forgotten requests at Google

Understanding the differences between ISO 27001 and ISO 27002

12 Steps to Data Intelligence: Part 1

How to start your career in cyber security

What is a Managed Security Service Provider? MSSPs Explained

10 key areas to identify gaps in your GDPR compliance

California Enacts Broad Privacy Laws Modeled on GDPR

#ModernDataMasters: Mike Evans, Chief Technology Officer

EU: Second wave of noyb complaints targets cookie banners

CCPA Marches On: California Attorney General Proposes Further Revisions to CCPA Regulations, Industry Pleads for Enforcement Delay Amid COVID-19 Crisis

Incident management vs. problem management: What’s the difference?

California Enacts Broad Privacy Protections Modeled on GDPR

U.S. CLOUD Act and International Privacy

Ireland/EU: Irish DPC bans Meta’s EU-US data flows and issues record €1.2bn fine

CCPA In-Depth Series: Draft Attorney General Regulations on Verification, Children’s Privacy and Non-Discrimination

The Hacker Mind Podcast: Cyber Ranges

What Should Be The Core Competencies For Cybersecurity For C-Suite

A Close Up Look at the Consumer Data Broker Radaris

What Counts as “Good Faith Security Research?”

California Consumer Privacy Act: The Challenge Ahead – Four Key Considerations for Health and Life Sciences Companies

EU: Competition policy in the digital era (Part 1)

California Consumer Privacy Act: The Challenge Ahead – Four Key Considerations for Health and Life Sciences Companies

California Consumer Privacy Act: The Challenge Ahead – Four Key Considerations for Health and Life Sciences Companies

Regulatory Update: NAIC Summer 2020 National Meeting

The Results Are in: Modest Changes to CCPA Await the Governor’s Signature

CCPA In-Depth Series: Draft Attorney General Regulations on Consumer Notice

California Consumer Privacy Act: The Challenge Ahead – A Comparison of 10 Key Aspects of The GDPR and The CCPA

The Cathay Pacific Breach: Is Data Protection and Cyber Security Law in Hong Kong About to Receive an Upgrade?

The Burden of Privacy In Discovery

California Consumer Privacy Act: The Challenge Ahead – A Comparison of 10 Key Aspects of The GDPR and The CCPA

California Consumer Privacy Act: The Challenge Ahead – A Comparison of 10 Key Aspects of The GDPR and The CCPA

The debate on the Data Protection Bill in the House of Lords

Stay Connected