Compliance and Data collection - Information Management Today

GUEST ESSAY: How ‘DPIAs” — data privacy impact assessments — can lead SMBs to compliance

The Last Watchdog

JANUARY 9, 2023

As the world becomes more digital and connected, it is no surprise that data privacy and security is a growing concern for small to medium sized businesses — SMBs. Related: GDPR sets new course for data privacy. Large corporations tend to have the resources to deal with compliance issues. Paths to compliance.

Data Privacy

Data Privacy Compliance Privacy GDPR

Streamlining Data Collection for Investigations and eDiscovery

OpenText Information Management

SEPTEMBER 22, 2023

Additionally, the risks associated with protecting that data have never been higher, due to strengthened data privacy laws worldwide and increasing cyberattacks on businesses everywhere.

Data collection

Data collection Data Privacy Privacy Risk

GDPR compliance checklist

IBM Big Data Hub

JANUARY 22, 2024

The General Data Protection Regulation (GDPR) is a European Union (EU) law that governs how organizations collect and use personal data. Any company operating in the EU or handling EU residents’ data must adhere to GDPR requirements. However, GDPR compliance is not necessarily a straightforward matter.

GDPR

GDPR Compliance Personal data Privacy

Webinars

Generative AI Deep Dive: Advancing from Proof of Concept to Production

MORE WEBINARS

ByteDance agreed to pay $92M in US privacy Settlement for TikTok data collection

Security Affairs

MARCH 1, 2021

users for illegal data collection. The Chinese firm was accused to have failed to get the users’ consent to collect data in compliance with the Illinois biometric privacy law. The post ByteDance agreed to pay $92M in US privacy Settlement for TikTok data collection appeared first on Security Affairs.

Data collection

Data collection Privacy Compliance Security

The seven critical requirements for modern data collection

OpenText Information Management

OCTOBER 2, 2020

In an earlier blog, I discussed the trends necessitating a modern approach to data collections to support early case assessment, investigations and eDiscovery: an increasingly remote workforce, new sources of electronically stored information (ESI), including ephemeral data, and a rise in regulatory compliance mandates and litigation, to name a few.

Data collection

Data collection Compliance

California AG Issues CCPA Non-Compliance Notices to Businesses Operating Loyalty Programs

Hunton Privacy

JANUARY 31, 2022

On January 28, 2022, California Attorney General Rob Bonta published a statement regarding recent investigations conducted by the California Office of Attorney General (“AG”) with respect to businesses operating loyalty programs and their compliance with the California Consumer Privacy Act’s (“CCPA’s”) financial incentive requirements.

Compliance

Compliance Retail Data collection Privacy

Big Data: Legal and Compliance Considerations for Investment Managers

Data Matters

OCTOBER 30, 2020

Greene and Colleen Theresa Brown are co-authors of a new chapter of the PLI treatise Investment Adviser Regulation: A Step-by-Step Guide to Compliance and the Law focusing on legal and compliance considerations for use of Big Data.

Big data

Big data Compliance Artificial Intelligence Data collection

Guest Post - Three Critical Steps for GDPR Compliance

AIIM

JANUARY 17, 2018

GDPR Compliance Starts with Data Discovery. Compliance with GDPR is just a short five months away. While there may be many dimensions to consider from a GDPR readiness perspective there are three steps that are particularly important in order to manage risk and ensure compliance. Step 1: Data Discovery.

GDPR

GDPR Compliance Data collection Privacy

CHINA: Important new risks and practical guidance on China data protection, data security, e-commerce and online platform compliance

DLA Piper Privacy Matters

NOVEMBER 16, 2021

The draft Network Data Security Management Regulation (“ Draft Regulation ”) was published for consultation on 14 November 2021, and is very wide-ranging in the compliance areas covered. This is a significant reminder to organisations to start data mapping and assessment of all China data sooner rather than later.

Compliance

Compliance Personal data Security Risk

ICO Publishes Report on Compliance in Direct Marketing Data Broking Sector

Hunton Privacy

NOVEMBER 5, 2020

On October 27, 2020, the UK Information Commissioner’s Office (“ICO”) published a report following its investigation into data protection compliance in the direct marketing data broking sector, alongside its enforcement action against Experian. Experian has stated that it will appeal the Enforcement Notice.

Marketing

Marketing Compliance Personal data GDPR

Developments in Cookie Regulation: French CNIL Declares Intent to Audit Websites for Cookie Compliance

Data Matters

APRIL 26, 2021

On April 2, 2021 the French Data Protection Authority (the “ Commission Nationale de l’Informatique et des Libertés ” or “ CNIL ”) published its intent to start auditing websites for compliance with cookie regulations. Where cookies collect personal data of internet users (e.g.

Compliance

Compliance Analytics Privacy GDPR

CHINA: mobile apps remain a high privacy risk, and face stringent requirements

DLA Piper Privacy Matters

AUGUST 17, 2022

For the past couple of years, operators of mobile apps in China have had to comply with over thirty additional, specific privacy compliance obligations (i.e. The regulators have now refreshed and combined a selection of the requirements into one standard, yet more compliance steps must be followed. Notice and Consent Requirements.

Privacy

Privacy Risk Personal data Data collection

What is progressive profiling and how can it benefit your business?

Thales Cloud Protection & Licensing

JULY 3, 2023

madhav Tue, 07/04/2023 - 05:10 As the data trust gap between customers and businesses continue to grow, and as third-party cookies become redundant, there is an urgency to adopt a modernized approach to customer data collection. Progressive profiling introduces a fresher and far more proactive take on data collection.

IT

IT Data collection B2C B2B

How to implement the General Data Protection Regulation (GDPR)

IBM Big Data Hub

FEBRUARY 23, 2024

The General Data Protection Regulation (GDPR), the European Union’s landmark data privacy law, took effect in 2018. Yet many organizations still struggle to meet compliance requirements, and EU data protection authorities do not hesitate to hand out penalties. Irish regulators hit Meta with a EUR 1.2

GDPR

GDPR Compliance Personal data Privacy

CHINA: New practical guidance for mobile app operators

DLA Piper Privacy Matters

MARCH 23, 2021

Mobile apps have during this period been one of the regulator’s enforcement priorities, and there has been a stream of enforcement action (notably apps taken down from app stores) for non-compliance with these guidelines.

Data collection

Data collection Compliance Privacy

French DPA Publishes a Compliance Pack Regarding Connected Vehicles

Hunton Privacy

OCTOBER 27, 2017

On October 17, 2017, the French Data Protection Authority (“CNIL”), after a consultation with multiple industry participants that was launched on March 23, 2016, published its compliance pack on connected vehicles (the “Pack”) in line with its report of October 3, 2016. 2. “IN -> OUT” scenario.

Compliance

Compliance Data collection GDPR Insurance

CNIL Provides Update on Compliance Pack Regarding Connected Vehicles

Hunton Privacy

OCTOBER 5, 2016

On October 3, 2016, at the Paris Motor Show, the French Data Protection Authority (“CNIL”) reported on the progress of a new compliance pack on connected vehicles. The compliance pack on connected vehicles will contain guidelines regarding the responsible use of personal data for the next generation of vehicles.

Compliance

Compliance Personal data Data collection Insurance

CFPB's Mulvaney to Warren: Breaches justified data-collection halt

Information Management Resources

JANUARY 22, 2018

Acting Consumer Financial Protection Bureau Director Mick Mulvaney has cited hundreds of confirmed and suspected data breaches as justification for his halting the bureau's data collection activities last month.

Data collection

Data collection Data breaches Compliance Security

Assessing your organization’s security needs: Why it’s critical to your overall security posture

Jamf

OCTOBER 17, 2023

Knowing the risks that are unique to your organization and assessing them accurately are critical to the overall security posture as well.

Security

Security Data collection Paper Risk

Businesses to Assist NHS Test and Trace Efforts

Hunton Privacy

JUNE 25, 2020

Establishments and companies in the UK will therefore be responsible for the additional collection and potential sharing of customers’ personal data. Any entity engaging in this kind of data collection will need to comply with the requirements of data protection law.

Data collection

Data collection Personal data Compliance Retail

Big California Privacy News: Legislative and Enforcement Updates

Data Matters

SEPTEMBER 6, 2022

For businesses operating in California or whose websites, products or services reach California residents, these changes mean new compliance obligations, some of which could require significant investments of time and resources. Short-Term CCPA Compliance Tune Up.

Privacy

Privacy B2B Sales Compliance

Google to Launch Google Analytics 4 in an Attempt to Address EU Privacy Concerns

Hunton Privacy

MARCH 18, 2022

It helps businesses meet evolving needs and user expectations, with more comprehensive and granular controls for data collection and usage.”. It remains to be seen whether this change will ease EU DPAs’ concerns about Google Analytics’ compliance with the GDPR.

Analytics

Analytics Privacy GDPR Personal data

China: Navigating China episode 16: New data lifecycle guidelines for financial institutions in China – detailed assessments, additional security measures and some data localisation introduced

DLA Piper Privacy Matters

APRIL 20, 2021

This introduces a data lifecycle security framework, and represents the key guideline for handling personal and other financial information by financial institutions (i.e. Key compliance obligations include: Classification of financial data: the data lifecycle framework introduces five levels of financial data, namely: .

Compliance

Compliance Security Financial Services Data collection

Regional privacy but global clouds. How to manage this complexity?

Thales Cloud Protection & Licensing

MAY 31, 2022

Data Protection Officers expressed the difficulties they have to accomplish their mission: to advise on and monitor compliance (as defined in GDPR Article 39). With the acceleration of digital transformation and growing cyber threats, one thing is clear: privacy compliance has never been so important, yet so complex to reach.

Cloud

Cloud Privacy Data Privacy Compliance

HONG KONG: Increased Enforcement Action?

DLA Piper Privacy Matters

NOVEMBER 17, 2022

Are we seeing a return of proactive enforcement of Hong Kong’s data protection laws, after a lull in recent years? Moving on – compliance priorities. The two investigation reports addressed both public facing aspects and internal operations of the businesses’ data protection compliance. Notice and Consent.

Personal data

Personal data Data Privacy Compliance Privacy

Data Privacy Compliance Isn’t Just for Europe or California Anymore: Data Privacy Trends

eDiscovery Daily

APRIL 10, 2019

For example, Camila Tobón, a Colorado-based data privacy lawyer at Shook, Hardy & Bacon, said many countries in the Latin America follow a consent-based model, which doesn’t allow for the legitimate interest data collection case presented under GDPR. I assume that works everywhere, does it?’

Data Privacy

Data Privacy Privacy Compliance GDPR

Data protection strategy: Key components and best practices

IBM Big Data Hub

MAY 28, 2024

While data security focuses on protecting digital information from threat actors and unauthorized access, data protection does all that and more. Even more, a good data protection strategy can improve business operations and minimize downtime in a cyberattack, saving critical time and money.

Data breaches

Data breaches GDPR Compliance Encryption

India: New Digital Personal Data Protection Act, Start Planning Now.

DLA Piper Privacy Matters

SEPTEMBER 6, 2023

While there are similarities with EU/UK GDPR – and sufficient harmonisation with data protection laws across APAC to continue a regional data compliance in Asia – the practicalities of implementation and compliance should not be underestimated.

Personal data

Personal data GDPR Data breaches Compliance

CHINA: Clarifications of data classification and grading requirements

DLA Piper Privacy Matters

OCTOBER 3, 2022

Given data classification and grading are mandatory requirements under the Data Security Law and Personal Information Protection Law, organisations should prioritise understanding their data collected and data processing activities within the coming months. Data classification. Data grading.

Data collection

Data collection Personal data Access Compliance

EDPB Publishes Report of Outcome of the Cookie Banner Taskforce

Hunton Privacy

JANUARY 27, 2023

Claiming reliance on the “legitimate interests” legal basis for the use of non-essential cookies ( e.g. , targeted advertising cookies) and not collecting valid consent for the use of such cookies is prohibited.

GDPR

GDPR Compliance Data collection Personal data

Testing the tricky apps for privacy and data protection

Data Protection Report

MARCH 25, 2024

Dealing with cert pinning and root detection The privacy area has been white-hot lately, including litigation and investigations involving VPPA; Wiretap/Pen Register/Trap and Trace; and Opt Out Compliance. Now, more than ever, it is important for companies to obtain line-of-sight on data collection/sharing that is otherwise hidden from view.

Privacy

Privacy Compliance Communications Data collection

Personal data protection in the time of coronavirus (Covid-19)

Data Protection Report

FEBRUARY 25, 2020

The principles of necessity and minimum collection should be followed (for example, the data collected should be limited to those who are confirmed or suspected of carrying Covid-19 and those who have had close contact with confirmed or suspected virus carriers). We expect the Government will continue this approach.

Personal data

Personal data Big data Data Privacy Data breaches

More New York SHIELD Act guidance

Data Protection Report

JULY 12, 2022

The NYAG faulted Wegmans on five security areas: access controls, password management, asset management, logging and monitoring, and data collection and retention. Data Collection and Retention : The affected information included checksums derived from Customers’ driver’s license numbers.

Passwords

Passwords Data collection Personal data Cloud

China’s Data Privacy Law Poses Challenge for International Companies

eSecurity Planet

DECEMBER 1, 2021

Businesses that have spent the past three-plus years adapting to the European Union’s far-reaching data privacy law now have to decide how they will respond to a similar law in China that has been criticized as being more vague in its wording and harsher in its penalties. Also read: Top GRC Tools & Software for 2021. Will the U.S. “The

Data Privacy

Data Privacy Privacy GDPR Data collection

Advisory note: ?Contact Tracing? for librarians and information professionals

CILIP

JULY 7, 2020

CILIP has provided this advisory note in response to the call for libraries and information services, particularly public libraries, to undertake data-collecting activity as part of the Government?s The data collecting activity must not present a deterrent ? for librarians and information professionals. Contact Tracing?

Libraries

Libraries Data collection Risk Privacy

Meet Your Audio-Video eDiscovery Needs with OpenText eDiscovery solutions

OpenText Information Management

OCTOBER 23, 2023

Are you seeing an uptick in the number of audio and video (“A/V”) files in your document collection sets? In the past, these files were just a small, mostly inconsequential part of the data collection, such as sales and marketing materials, holiday videos, and user internet downloads. You are not alone!

Data collection

Data collection Sales Marketing Analytics

The CNIL’s key priorities for upcoming dawn-raids in 2021

DLA Piper Privacy Matters

APRIL 2, 2021

In 2021, more than 50% of the CNIL’s dawn-raids will focus on: (i) websites cybersecurity, (ii) health data protection and (ii) cookies. Website security incidents are among the most common non-compliances identified by the CNIL during its dawn-raids. Health data security. W ebsites cybersecurity.

Data breaches

Data breaches Cybersecurity Compliance Data collection

CHINA: Navigating China Episode 15: Comprehensive New E-Commerce Rules Introduced

DLA Piper Privacy Matters

MARCH 24, 2021

This is on top of general consent to processing of personal data obtained from the data subject. Other requirements: these include (this is not a comprehensive list): rules around content of advertising on e-commerce or livestreaming platforms, sites and apps; compliance with competition laws; and.

Personal data

Personal data Data Privacy Marketing Compliance

Make data protection a 2023 competitive differentiator

IBM Big Data Hub

JANUARY 19, 2023

Use a data protection strategy to maintain your brand image and customer trust How a company collects, stores and protects consumer data goes beyond cutting data storage costs—it is a central driving force of its reputation and brand image.

Data Privacy

Data Privacy Customer Experience Privacy Compliance

When are schools required to report personal data breaches?

IT Governance

NOVEMBER 17, 2020

Deliberate or accidental action (or inaction) by the school or one of the processors : an example would be sending old PCs, laptops or filing cabinets to be destroyed without first removing the data held on them. Sending personal data to the wrong person : this includes any message sent by email, post or fax. Identity theft or fraud.

Personal data

Personal data Data breaches Data collection GDPR

China Issues Draft Measures on Security Assessment of Cross-border Data Transfer

Hunton Privacy

NOVEMBER 1, 2021

If made final, the Draft Measures would apply to cross-border transfers of personal information and “important data” collected and generated in China under certain circumstances. Data Transfer Agreement. other circumstances that might affect the security of transferred data. other conditions to be specified by the CAC.

Security

Security Data collection Compliance Risk

Data privacy examples

IBM Big Data Hub

APRIL 24, 2024

Examples of data privacy laws Compliance with relevant regulations is the foundation of many data privacy efforts. While data protection laws vary, they generally define the responsibilities of organizations that collect personal data and the rights of the data subjects who own that data.

Data Privacy

Data Privacy Privacy GDPR Personal data

China’s PIPL has finally arrived, and brings helpful clarification (rather than substantial change) to China’s data privacy framework

DLA Piper Privacy Matters

AUGUST 23, 2021

However, as with all China laws, the PIPL is drafted as high level principles, and we anticipate additional guidelines will be published in the coming months outlining the practical compliance steps organisations will need to take when updating their China data protection compliance programmes.

Data Privacy

Data Privacy Privacy Compliance Analytics

Colorado AG Publishes Draft Colorado Privacy Act Rules

Hunton Privacy

NOVEMBER 1, 2022

The proposed regulations, if adopted, would add certain significant new compliance obligations on businesses. Right to Request to Exercise Personal Data Rights (Rule 4.02 – Rule 4.07; 6.11). of the proposed regulation requires “controllers” to establish “reasonable methods” to authenticate consumers who submit data rights requests.

Privacy

Privacy Personal data Data collection Compliance

GUEST ESSAY: How ‘DPIAs” — data privacy impact assessments — can lead SMBs to compliance

Streamlining Data Collection for Investigations and eDiscovery

Webinars

Trending Sources

GDPR compliance checklist

Webinars

ByteDance agreed to pay $92M in US privacy Settlement for TikTok data collection

The seven critical requirements for modern data collection

California AG Issues CCPA Non-Compliance Notices to Businesses Operating Loyalty Programs

Big Data: Legal and Compliance Considerations for Investment Managers

Guest Post - Three Critical Steps for GDPR Compliance

CHINA: Important new risks and practical guidance on China data protection, data security, e-commerce and online platform compliance

ICO Publishes Report on Compliance in Direct Marketing Data Broking Sector

Developments in Cookie Regulation: French CNIL Declares Intent to Audit Websites for Cookie Compliance

CHINA: mobile apps remain a high privacy risk, and face stringent requirements

What is progressive profiling and how can it benefit your business?

How to implement the General Data Protection Regulation (GDPR)

CHINA: New practical guidance for mobile app operators

French DPA Publishes a Compliance Pack Regarding Connected Vehicles

CNIL Provides Update on Compliance Pack Regarding Connected Vehicles

CFPB's Mulvaney to Warren: Breaches justified data-collection halt

Assessing your organization’s security needs: Why it’s critical to your overall security posture

Businesses to Assist NHS Test and Trace Efforts

Big California Privacy News: Legislative and Enforcement Updates

Google to Launch Google Analytics 4 in an Attempt to Address EU Privacy Concerns

China: Navigating China episode 16: New data lifecycle guidelines for financial institutions in China – detailed assessments, additional security measures and some data localisation introduced

Regional privacy but global clouds. How to manage this complexity?

HONG KONG: Increased Enforcement Action?

Data Privacy Compliance Isn’t Just for Europe or California Anymore: Data Privacy Trends

Data protection strategy: Key components and best practices

India: New Digital Personal Data Protection Act, Start Planning Now.

CHINA: Clarifications of data classification and grading requirements

EDPB Publishes Report of Outcome of the Cookie Banner Taskforce

Testing the tricky apps for privacy and data protection

Personal data protection in the time of coronavirus (Covid-19)

More New York SHIELD Act guidance

China’s Data Privacy Law Poses Challenge for International Companies

Advisory note: ?Contact Tracing? for librarians and information professionals

Meet Your Audio-Video eDiscovery Needs with OpenText eDiscovery solutions

The CNIL’s key priorities for upcoming dawn-raids in 2021

CHINA: Navigating China Episode 15: Comprehensive New E-Commerce Rules Introduced

Make data protection a 2023 competitive differentiator

When are schools required to report personal data breaches?

China Issues Draft Measures on Security Assessment of Cross-border Data Transfer

Data privacy examples

China’s PIPL has finally arrived, and brings helpful clarification (rather than substantial change) to China’s data privacy framework

Colorado AG Publishes Draft Colorado Privacy Act Rules

Stay Connected