Compliance, Education, Government and Personal data

Government surveying further education providers before Brexit

IT Governance

SEPTEMBER 24, 2019

Among the uncertainty surrounding GDPR (General Data Protection Regulation) compliance – particularly with Brexit complicating things – the UK government has been a reliable source for advice. The government’s advice will be invaluable for understanding how to manage your data protection requirements.

Education

Education Government GDPR Compliance

Security Compliance & Data Privacy Regulations

eSecurity Planet

AUGUST 9, 2022

Regulatory compliance and data privacy issues have long been an IT security nightmare. And since the EU’s General Data Protection Regulation (GDPR) took effect May 25, 2018, IT compliance issues have been at the forefront of corporate concerns. GDPR-style data privacy laws came to the U.S.

Data Privacy

Data Privacy Compliance Privacy Security

When are schools required to report personal data breaches?

IT Governance

NOVEMBER 17, 2020

Under the GDPR (General Data Protection Regulation) , all personal data breaches must be recorded by the organisation and there should be a clear and defined process for doing so. In this blog, we take a look at the scenarios in which data protection breaches in schools must be reported. How to avoid data breaches.

Personal data

Personal data Data breaches Data collection GDPR

ASEAN releases Joint Guide to ASEAN Model Contractual Clauses and EU Standard Contractual Clauses and AI Governance Guide

Data Protection Report

FEBRUARY 27, 2024

On 1 and 2 February 2024, at the fourth 4 th ASEAN Digital Ministers Meeting ( ADGMIN ) in Singapore, ASEAN [1] unveiled: the updated Joint Guide to ASEAN Model Contractual Clauses and EU Standard Contractual Clauses ( Joint MCC – SCC Guide ); and the ASEAN Guide on AI Governance and Ethics ( ASEAN AI Governance Guide ).

Government

Government Personal data Compliance Risk

China Implements Regulation Increasing Protections for Children’s Personal Data

Data Matters

OCTOBER 15, 2019

On 22 August 2019, the Cyberspace Administration of China (CAC) announced the implementation of the Online Protection of Children’s Personal Data Regulation (????????????), (“the Regulation”) which came into force on 1 October 2019. In contrast with COPPA in the U.S., Consequences of the Regulation.

Personal data

Personal data Privacy Compliance Cybersecurity

7 steps to highly effective GDPR compliance

IT Governance

AUGUST 21, 2019

That’s because the government adopted a UK-specific version of the Regulation’s requirements as part of the DPA (Data Protection Act) 2018. If you’re overwhelmed about GDPR compliance or find most implementation advice too technical and complex, don’t worry. Assess your current data protection measures. Let’s take a look.

GDPR

GDPR Compliance Personal data Access

What is data governance and why does it matter?

Collibra

FEBRUARY 16, 2022

Data governance is the practice of managing and organizing data and processes to enable collaboration and compliant access to data. Data governance allows users to create value from data assets even under constraints for security and privacy. No , you can’t use the data for that . No, no, no.

Government

Government IT Compliance Privacy

What UK charities need to know about GDPR compliance

IT Governance

AUGUST 2, 2019

If you think that charities might be shown lenience under the GDPR (General Data Protection Regulation) , you’re wrong. The Regulation treats charities in much the same way as any organisation, because although they’re not using personal data to make a profit, they still run the risk of data breaches and privacy violations.

GDPR

GDPR Compliance Personal data Risk

Wake up to the reality of the GDPR: What you need to know about compliance

IT Governance

JANUARY 30, 2019

We’re through the eye of the GDPR (General Data Protection Regulation) storm. May 2018 brought a whirlwind of panic as organisations rushed to meet the compliance deadline, but it was followed by months of unnerving silence. Territorial scope refers to where the data is coming from. The basics. Who needs to pay attention?

GDPR

GDPR Compliance Personal data Data breaches

FINLAND: PARLIAMENT APPROVES NEW ACT ON THE SECONDARY USE OF SOCIAL AND HEALTH CARE PERSONAL DATA

DLA Piper Privacy Matters

APRIL 8, 2019

The Finnish Parliament has approved the new general Act on the Secondary Use of Social Welfare and Health Care Data (Laki sosiaali- ja terveystietojen toissijaisesta käytöstä, based on government proposal HE 159/2017) in March 2019. The Act shall become effective within the following weeks.

Personal data

Personal data GDPR Healthcare Compliance

Work Remotely Without Compromising Your Data

AIIM

JANUARY 7, 2021

A recent study commissioned by Egnyte surveyed 400 IT leaders to understand how COVID-19 has impacted businesses’ ability to maintain data security and governance with a distributed workforce. A well-educated and well-informed workforce is one of the best defenses against security risks. Enlist data owners to become guardians.

Unstructured data

Unstructured data Government Artificial Intelligence Risk

Government survey reveals GDPR awareness is falling short

IT Governance

FEBRUARY 8, 2018

Of the businesses surveyed, those in the finance and insurance industries had the highest levels of awareness (79%), followed by information and communications (67%) and education (52%). And as these figures show many organisations still need to act to make sure the personal data they hold is secure.

GDPR

GDPR Government Education Compliance

France: The CNIL publishes a practical guide on Data Protection Officers

DLA Piper Privacy Matters

NOVEMBER 29, 2021

Among the organizations that have designated a DPO, the most represented sectors are, unsurprisingly, the public administration, education and health sectors. The DPO is responsible for the monitoring of the organization’s compliance with the GDPR. The DPO is the key contact for the CNIL and data subjects.

GDPR

GDPR Compliance Personal data Communications

China Issues Draft Data Security Law

Hunton Privacy

JULY 7, 2020

China has lacked a comprehensive data protection and data security law that regulates in detail requirements and procedures relating to the collection, processing, control and storage of personal data. In recent years, China has seen developments on data protection both in legislation and in practice.

Security

Security Military Government Risk

CHINA: new Anti-Espionage Law and its impact on your China data and operations – how your organisation should respond

DLA Piper Privacy Matters

MAY 16, 2023

The new law broadens the scope of espionage activities, as well as the power for authorities to carry out anti-espionage investigations by gaining access to data and property. As noted above, this is particularly important with regard state secrets and “important data”.

IT

IT Compliance Communications Risk

What are the best books on data privacy?

IT Governance

MARCH 4, 2019

Fortunately, we’ve done the hard work for you, selecting four essential books that can help you manage data effectively and meet your data privacy obligations. EU General Data Protection Regulation (GDPR) – An Implementation and Compliance Guide. appeared first on IT Governance Blog. Price : £9.95. Price : £9.95.

Data Privacy

Data Privacy Privacy GDPR Compliance

Hong Kong Personal Data (Privacy) Ordinance Amended

Hunton Privacy

JULY 12, 2012

On June 27, 2012, the Hong Kong Legislative Council passed a bill to amend the Personal Data (Privacy) Ordinance (the “Ordinance”). Most provisions will become effective on October 21, 2012, and the others will take effect on a day to be announced by publication in the Hong Kong Government Gazette.

Personal data

Personal data Data Privacy Privacy Marketing

US: Virginia passes comprehensive consumer data protection law

DLA Piper Privacy Matters

MARCH 18, 2021

during a calendar year, control or process personal data of at least 100,000 consumers, or. control or process personal data of at least 25,000 consumers and derive over 50 percent of gross revenue from the sale of personal data. Key provisions. Key provisions. business-to-business) or employment context.

Personal data

Personal data Sales GDPR Privacy

Is your school GDPR-compliant? Use our checklist to find out

IT Governance

MARCH 28, 2019

How was it possible for someone to be so misguided about such a well-publicised regulation, the requirements of which have huge ramifications for the way organisations handle personal data? It came into effect in May 2018, following much discussion and a last-minute surge from organisations that left compliance until the last minute.

GDPR

GDPR Compliance Data breaches Personal data

Six eDiscovery Trends for 2024

eDiscovery Daily

JANUARY 10, 2024

Data Privacy Restrictions Will Increase With the growing awareness and importance of data privacy, governments and corporations will encounter more stringent regulations globally. The General Data Protection Regulation (GDPR) is an early example of this. This may be especially true for data that crosses national borders.

Blockchain

Blockchain Artificial Intelligence Cloud Compliance

Building cyber security careers

IT Governance

OCTOBER 21, 2021

The need for experienced and qualified cyber security professionals is a highlight of Cybersecurity Career Awareness Week , led by NICE (National Initiative for Cybersecurity Education). The most common skills gaps are “storing or transferring personal data, setting up configured firewalls, and detecting and removing malware”.

Security

Security Information Security GDPR Data Privacy

62% of organisations unaware of the GDPR

IT Governance

FEBRUARY 23, 2018

There is an alarming lack of awareness across all industries about the EU General Data Protection Regulation (GDPR) , according to a government survey. Almost two thirds (62%) of respondents hadn’t heard of the Regulation, and only about 10% had taken steps to meet its compliance requirements.

GDPR

GDPR Compliance Insurance Personal data

Make data protection a 2023 competitive differentiator

IBM Big Data Hub

JANUARY 19, 2023

Data privacy regulations, such as the General Data Protection Regulation (GDPR) in the European Union or the California Consumer Privacy Act (CCPA) in the state of California, are inescapable. These efforts must be supported by integrating data privacy and data ethics into an organization’s culture and customer experiences.

Data Privacy

Data Privacy Customer Experience Privacy Compliance

GDPR automated decision-making and profiling: what are the requirements?

IT Governance

NOVEMBER 9, 2018

So, you are carrying out profiling if you collect and analyse personal data using algorithms or AI, make associations between habits and characteristics based on that data, and predict individuals’ behaviour based on the demographic or profile that you’ve assigned them. What are data subjects’ GDPR rights relating to profiling?

GDPR

GDPR Personal data Financial Services Compliance

The GDPR: A year in review

IT Governance

MAY 23, 2019

To mark the anniversary, we gathered a panel of data protection experts to discuss the effect of the Regulation and the future of data protection. Compliance fatigue’. Compliance is a continuous requirement and although most organisations have made a good start, there is always more to do.”.

GDPR

GDPR Data breaches Compliance Retail

5 things HR departments need to know about data protection

IT Governance

OCTOBER 7, 2019

HR plays a crucial role in an organisation’s GDPR (General Data Protection Regulation) compliance. The department is full of personal data, whether it’s of employees, their next of kin or candidates responding to job adverts. Let’s take a look at five issues that HR must address when handling personal data.

GDPR

GDPR Personal data Compliance Communications

Data security: Why a proactive stance is best

IBM Big Data Hub

JULY 7, 2023

Data protection and data privacy Data protection , defined as protecting important information from corruption, damage or loss, is critical because data breaches resulting from cyberattacks can include personally identifiable information (PII), health information, financial information, intellectual property and other personal data.

Security

Security Data breaches Data Privacy Compliance

The Week in Cyber Security and Data Privacy: 1 – 7 January 2024

IT Governance

JANUARY 9, 2024

Source (New) Software Luxembourg Yes 3,600,000 National Automobile Dealers Association Source (New) Retail USA Yes 1,065,000 Consórcio Canopus Source (New) Professional services Brazil Yes 1,400,000 The Teaching Company (Wondrium by The Great Courses) Source (New) Education USA Yes 1.3 TB Gräbener Maschinentechnik GmbH & Co.

Data Privacy

Data Privacy Privacy Manufacturing Data breaches

Does your use of CCTV comply with the GDPR?

IT Governance

OCTOBER 3, 2019

You must tell people when you’re collecting their personal information to give them the opportunity to exercise their data subject rights. These rights enable individuals to access the personal data organisations store on them and to challenge the way their information is used. The penalties for non-compliance.

GDPR

GDPR Privacy Retail Personal data

Virginia’s new Consumer Data Protection Act

Data Protection Report

MARCH 8, 2021

Importantly, note the new law’s definition of consumer : “a natural person who is a resident of the Commonwealth acting only in an individual or household context. institution of higher education. Such data security practices shall be appropriate to the volume and nature of the personal data at issue.”.

Personal data

Personal data GDPR Healthcare Sales

Only 25% of UK law firms are prepared for the GDPR

IT Governance

NOVEMBER 20, 2017

A recent report from CenturyLink has highlighted a lack of preparation among UK law firms for the upcoming EU General Data Protection (GDPR) compliance deadline. This is a surprising result, especially as law firms should understand the consequences of data breaches more than most organisations.

GDPR

GDPR Compliance Paper Data breaches

Are Retailers Shopping for a Cybersecurity Breach?

Thales Cloud Protection & Licensing

NOVEMBER 22, 2022

Attackers are no longer focusing solely on credit data, but target rich amounts of sensitive personal data on retailer’s systems or introduce ransomware for a quick payout that doesn’t even require data exfiltration. Today, unfortunately, retailers are again coming back to the spotlight.

Retail

Retail Cybersecurity Ransomware Authentication

Are your staff GDPR trained? Find out what you need to do

IT Governance

OCTOBER 30, 2018

Staff awareness training is a core component of GDPR compliance, yet many organisations haven’t implemented the necessary measures. Verizon estimates than one in four data breaches are caused by insiders. Breaches tend to happen because employees aren’t aware of the risks associated with handling personal data.

GDPR

GDPR Government Data breaches Information Security

Are your staff GDPR trained? Find out what you need to do

IT Governance

OCTOBER 30, 2018

Staff awareness training is a core component of GDPR compliance, yet many organisations haven’t implemented the necessary measures. Verizon estimates than one in four data breaches are caused by insiders. Breaches tend to happen because employees aren’t aware of the risks associated with handling personal data.

GDPR

GDPR Government Data breaches Information Security

Top 5 Cloud security challenges, risks and threats

IT Governance

NOVEMBER 24, 2021

As such, the only way to protect your organisation is to educate staff on phishing attacks and teach them what to look out for. Although it’s impossible to eradicate insider threats, you can minimise the risk by creating robust processes and policies, and educating staff on the importance of that documentation. Get started.

Cloud

Cloud Risk Security Data breaches

Why is the GDPR still something I should be concerned about?

IT Governance

OCTOBER 15, 2018

The EU’s GDPR (General Data Protection Regulation) superseded all laws based on the EU’s Data Protection Directive, including the UK’s Data Protection Act 1998, on 25 May 2018. Education . Mapping data and having records of data processing across all school systems is one of the biggest and most important changes.

GDPR

GDPR Data breaches Personal data Data collection

A 6-step guide to surviving data breaches

IT Governance

FEBRUARY 1, 2019

Assess the affected data. You must provide details of: The types of personal data compromised; The number of personal data records affected; The number of data subjects potentially affected; and. The categories of data subject affected. How else can IT Governance help? Describe the impact.

Data breaches

Data breaches GDPR Personal data Compliance

HMRC forced to delete 5 million voice records after GDPR gaffe

IT Governance

MAY 9, 2019

According to the ICO , HRMC’s failing was that it didn’t obtain explicit consent to record individuals’ voices (a form of biometric data, which the GDPR considers a special category of personal data ). However, organisations that process personal data should be aware that consent isn’t always the best lawful basis to rely on.

GDPR

GDPR Personal data Education Passwords

How to implement a GDPR staff awareness training programme

IT Governance

OCTOBER 29, 2018

When organisations look to initiate a GDPR compliance programme, the ‘people’ factor is often overlooked. Yet staff awareness and education are key components of any organisation’s GDPR compliance framework. . The post How to implement a GDPR staff awareness training programme appeared first on IT Governance Blog.

GDPR

GDPR Compliance Security awareness Education

How to implement a GDPR staff awareness training programme

IT Governance

OCTOBER 29, 2018

When organisations look to initiate a GDPR compliance programme, the ‘people’ factor is often overlooked. Yet staff awareness and education are key components of any organisation’s GDPR compliance framework. . The post How to implement a GDPR staff awareness training programme appeared first on IT Governance Blog.

GDPR

GDPR Compliance Security awareness Education

UK ICO Releases Updated Cookie Compliance Guidance

Hunton Privacy

DECEMBER 29, 2011

On December 13, 2011, the Information Commissioner issued updated guidance on compliance with recent changes to UK law governing the use of cookies ( The Privacy and Electronic Communications (EC Directive) (Amendment) Regulations 2011 (“Regulations”)). Organizations were given a twelve-month grace period to comply with the new law.

Compliance

Compliance Computer and Electronics Privacy Communications

Draft Released in the Philippines Implementing Rules for the Data Privacy Act

Hunton Privacy

JUNE 28, 2016

Under the IRR, the processing of personal data has to adhere to the principles of transparency, legitimate purpose and proportionality. The IRR defines personal data as personal information, sensitive information and privileged information. The IRR stipulates general principles for data sharing.

Data Privacy

Data Privacy Privacy Personal data Computer and Electronics

5 learnings from the “Meeting the CCPA Challenge” webinar

Collibra

MARCH 12, 2020

2) Use your data governance framework as the foundation of your data privacy strategy. How can an organization implement a flexible and scalable data privacy strategy? . You have to find the best starting point and Data Governance is a good option. 3) Data privacy compliance is interdisciplinary.

Data Privacy

Data Privacy Privacy Government Compliance

The Week in Cyber Security and Data Privacy: 12 – 18 February 2024

IT Governance

FEBRUARY 21, 2024

In January 2024, it identified more potential victims, and has now written to inform them that their personal data may have been compromised in the incident. Data breached: 2,632,275 people’s data. 204 of them are known to have had data exfiltrated, exposed or otherwise breached.

Data Privacy

Data Privacy Manufacturing Privacy Energy and Utilities

Government surveying further education providers before Brexit

Security Compliance & Data Privacy Regulations

Trending Sources

When are schools required to report personal data breaches?

ASEAN releases Joint Guide to ASEAN Model Contractual Clauses and EU Standard Contractual Clauses and AI Governance Guide

China Implements Regulation Increasing Protections for Children’s Personal Data

7 steps to highly effective GDPR compliance

What is data governance and why does it matter?

What UK charities need to know about GDPR compliance

Wake up to the reality of the GDPR: What you need to know about compliance

FINLAND: PARLIAMENT APPROVES NEW ACT ON THE SECONDARY USE OF SOCIAL AND HEALTH CARE PERSONAL DATA

Work Remotely Without Compromising Your Data

Government survey reveals GDPR awareness is falling short

France: The CNIL publishes a practical guide on Data Protection Officers

China Issues Draft Data Security Law

CHINA: new Anti-Espionage Law and its impact on your China data and operations – how your organisation should respond

What are the best books on data privacy?

Hong Kong Personal Data (Privacy) Ordinance Amended

US: Virginia passes comprehensive consumer data protection law

Is your school GDPR-compliant? Use our checklist to find out

Six eDiscovery Trends for 2024

Building cyber security careers

62% of organisations unaware of the GDPR

Make data protection a 2023 competitive differentiator

GDPR automated decision-making and profiling: what are the requirements?

The GDPR: A year in review

5 things HR departments need to know about data protection

Data security: Why a proactive stance is best

The Week in Cyber Security and Data Privacy: 1 – 7 January 2024

Does your use of CCTV comply with the GDPR?

Virginia’s new Consumer Data Protection Act

Only 25% of UK law firms are prepared for the GDPR

Are Retailers Shopping for a Cybersecurity Breach?

Are your staff GDPR trained? Find out what you need to do

Are your staff GDPR trained? Find out what you need to do

Top 5 Cloud security challenges, risks and threats

Why is the GDPR still something I should be concerned about?

A 6-step guide to surviving data breaches

HMRC forced to delete 5 million voice records after GDPR gaffe

How to implement a GDPR staff awareness training programme

How to implement a GDPR staff awareness training programme

UK ICO Releases Updated Cookie Compliance Guidance

Draft Released in the Philippines Implementing Rules for the Data Privacy Act

5 learnings from the “Meeting the CCPA Challenge” webinar

The Week in Cyber Security and Data Privacy: 12 – 18 February 2024

Stay Connected