Compliance, Education and Personal data - Information Management Today

Security Compliance & Data Privacy Regulations

eSecurity Planet

AUGUST 9, 2022

Regulatory compliance and data privacy issues have long been an IT security nightmare. And since the EU’s General Data Protection Regulation (GDPR) took effect May 25, 2018, IT compliance issues have been at the forefront of corporate concerns. GDPR-style data privacy laws came to the U.S.

Data Privacy

Data Privacy Compliance Privacy Security

When are schools required to report personal data breaches?

IT Governance

NOVEMBER 17, 2020

Under the GDPR (General Data Protection Regulation) , all personal data breaches must be recorded by the organisation and there should be a clear and defined process for doing so. In this blog, we take a look at the scenarios in which data protection breaches in schools must be reported. How to avoid data breaches.

Personal data

Personal data Data breaches Data collection GDPR

Government surveying further education providers before Brexit

IT Governance

SEPTEMBER 24, 2019

Among the uncertainty surrounding GDPR (General Data Protection Regulation) compliance – particularly with Brexit complicating things – the UK government has been a reliable source for advice. The government’s advice will be invaluable for understanding how to manage your data protection requirements. The GDPR and Brexit.

Education

Education Government GDPR Compliance

China Implements Regulation Increasing Protections for Children’s Personal Data

Data Matters

OCTOBER 15, 2019

On 22 August 2019, the Cyberspace Administration of China (CAC) announced the implementation of the Online Protection of Children’s Personal Data Regulation (????????????), (“the Regulation”) which came into force on 1 October 2019. In contrast with COPPA in the U.S., Consequences of the Regulation.

Personal data

Personal data Privacy Compliance Cybersecurity

A more sustainable approach to CCPA compliance

Collibra

JANUARY 6, 2020

Now that the January 1, 2020 deadline for California Consumer Privacy Act (CCPA ) compliance passed, organizations are looking to create long-term sustainable compliance programs. It can be tempting to look at CCPA as “just another” compliance project, but that would be a real mistake. This is sustainable compliance. .

Compliance

Compliance Artificial Intelligence Data Privacy Personal data

7 steps to highly effective GDPR compliance

IT Governance

AUGUST 21, 2019

That’s because the government adopted a UK-specific version of the Regulation’s requirements as part of the DPA (Data Protection Act) 2018. If you’re overwhelmed about GDPR compliance or find most implementation advice too technical and complex, don’t worry. Assess your current data protection measures. Let’s take a look.

GDPR

GDPR Compliance Personal data Access

What UK charities need to know about GDPR compliance

IT Governance

AUGUST 2, 2019

If you think that charities might be shown lenience under the GDPR (General Data Protection Regulation) , you’re wrong. The Regulation treats charities in much the same way as any organisation, because although they’re not using personal data to make a profit, they still run the risk of data breaches and privacy violations.

GDPR

GDPR Compliance Personal data Risk

Wake up to the reality of the GDPR: What you need to know about compliance

IT Governance

JANUARY 30, 2019

We’re through the eye of the GDPR (General Data Protection Regulation) storm. May 2018 brought a whirlwind of panic as organisations rushed to meet the compliance deadline, but it was followed by months of unnerving silence. Territorial scope refers to where the data is coming from. The basics. Who needs to pay attention?

GDPR

GDPR Compliance Personal data Data breaches

FINLAND: PARLIAMENT APPROVES NEW ACT ON THE SECONDARY USE OF SOCIAL AND HEALTH CARE PERSONAL DATA

DLA Piper Privacy Matters

APRIL 8, 2019

The new Act codifies the relevant legislation and broadens the possibilities to, under certain conditions, utilize and combine for secondary purposes personal data collected in relation to public or private social and health care operations. The decisions on licenses are subject to an appeal.

Personal data

Personal data GDPR Healthcare Compliance

Italy’s Data Protection Authority temporarily blocks ChatGPT over privacy concerns

Security Affairs

APRIL 1, 2023

The Italian Data Protection Authority, Garante Privacy, has temporarily banned ChatGPT due to the illegal collection of personal data and the absence of systems for verifying the age of minors. The Authority pointed out that OpenAI does not alert users that it is collecting their data. ” continues the press release.

Privacy

Privacy Personal data GDPR Compliance

Connecticut Strengthens Data Breach Notification Requirements and the Uniform Law Commission Approves and Recommends Comprehensive and Uniform State Privacy Legislation

Data Matters

AUGUST 9, 2021

In recent weeks, Connecticut passed An Act Concerning Data Privacy Breaches (“The Act”), and the Uniform Law Commission approved and recommended the Uniform Personal Data Protection Act (“UPDPA”). Uniform Personal Data Protection Act.

Data breaches

Data breaches Privacy Personal data Data Privacy

CIPL Submits Response to New Brazilian Data Protection Authority’s First Public Consultation on SMEs

Hunton Privacy

MARCH 4, 2021

Avoiding excessive exemptions to compliance and enforcement rules that could lead to SMEs (1) not complying with other applicable LGPD rules and (2) not being concerned about enforcement by the ANPD. regulatory sandboxes and policy roundtables).

Compliance

Compliance Personal data Data breaches Education

Businesses to Assist NHS Test and Trace Efforts

Hunton Privacy

JUNE 25, 2020

Establishments and companies in the UK will therefore be responsible for the additional collection and potential sharing of customers’ personal data. Any entity engaging in this kind of data collection will need to comply with the requirements of data protection law.

Data collection

Data collection Personal data Compliance Retail

Texas enacts comprehensive privacy law

Data Protection Report

JUNE 21, 2023

The new law has exclusions for Gramm-Leach-Bliley-covered financial institutions, HIPAA-covered covered entities and business associates, non-profits, institutes of higher education, and electric utilities, power generation companies, and retail electric providers. A similar requirement applies with respect to the sale of biometric data.

Privacy

Privacy Personal data Sales Retail

Connecticut Makes Five: The Constitution State Enacts Broad Data Privacy Law Effective July 2023

Data Matters

JUNE 22, 2022

Connecticut has passed a new state data privacy law slated to go into effect on July 1, 2023. Consistent with all of the state data privacy laws we have seen to date, the Connecticut law does not provide for a private right of action to broadly enforce the privacy rights provisions of the law. Data in Scope – The Majority Approach.

Data Privacy

Data Privacy Privacy Personal data Sales

France: The CNIL publishes a practical guide on Data Protection Officers

DLA Piper Privacy Matters

NOVEMBER 29, 2021

Among the organizations that have designated a DPO, the most represented sectors are, unsurprisingly, the public administration, education and health sectors. The DPO is responsible for the monitoring of the organization’s compliance with the GDPR. The DPO is the key contact for the CNIL and data subjects.

GDPR

GDPR Compliance Personal data Communications

Hong Kong Personal Data (Privacy) Ordinance Amended

Hunton Privacy

JULY 12, 2012

On June 27, 2012, the Hong Kong Legislative Council passed a bill to amend the Personal Data (Privacy) Ordinance (the “Ordinance”). provide personal data to another person for that other person’s direct marketing purposes. The amendment will become effective in phases.

Personal data

Personal data Data Privacy Privacy Marketing

Data Privacy Compliance Isn’t Just for Europe or California Anymore: Data Privacy Trends

eDiscovery Daily

APRIL 10, 2019

She said many Latin American countries with data privacy laws used Spain’s consent-based version of the 1995 Data Protection Directive (the predecessor to GDPR in Europe) to shape their regulations. Unlike GDPR, POPIA asserts companies also have “personal data” that requires protection.

Data Privacy

Data Privacy Privacy Compliance GDPR

FTC Publishes Proposed Order Against Ed Tech Provider Edmodo

Hunton Privacy

MAY 30, 2023

On May 22, 2023, the Federal Trade Commission announced a proposed order against education technology provider Edmodo, LLC (“Edmodo”) for violations of the Children’s Online Privacy Protection Rule (“COPPA Rule”) and Section 5 of the FTC Act.

Education

Education Privacy Compliance IT

Cyber Security Awareness Month – Answering Google’s Most Commonly Asked Questions

Thales Cloud Protection & Licensing

OCTOBER 17, 2023

Cyber Security Awareness Month – Answering Google’s Most Commonly Asked Questions madhav Wed, 10/18/2023 - 05:25 This month is Cyber Security Awareness Month , highlighting how far security education needs to go in order to enable a secure interconnected world. This helps protect your privacy, rights, and ensures compliance with local laws.

Security awareness

Security awareness Security Passwords Authentication

Subject access requests: how do I retrieve my data from an organisation?

IT Governance

JUNE 21, 2018

Your ‘right of access’, set out in Article 15 of the Regulation, requires data controllers (organisations that control the processing of your data) to confirm whether they are processing your personal data and, if they are, provide you with a copy of that data – as long as doing so doesn’t adversely affect the rights and freedoms of others.

Access

Access Personal data GDPR Education

ASEAN releases Joint Guide to ASEAN Model Contractual Clauses and EU Standard Contractual Clauses and AI Governance Guide

Data Protection Report

FEBRUARY 27, 2024

Key takeaways With the addition of the Implementation Guide to further clarify the process of operationalising data transfer clauses, the Joint MCC – SCC Guide is a useful tool for organisations seeking to implement cross-border transfers of personal data within ASEAN and between ASEAN and the EU.

Government

Government Personal data Compliance Risk

What are the best books on data privacy?

IT Governance

MARCH 4, 2019

Fortunately, we’ve done the hard work for you, selecting four essential books that can help you manage data effectively and meet your data privacy obligations. EU General Data Protection Regulation (GDPR) – An Implementation and Compliance Guide. Price : £9.95. >> EU GDPR: A Pocket Guide, Schools’ edition.

Data Privacy

Data Privacy Privacy GDPR Compliance

US: Virginia passes comprehensive consumer data protection law

DLA Piper Privacy Matters

MARCH 18, 2021

during a calendar year, control or process personal data of at least 100,000 consumers, or. control or process personal data of at least 25,000 consumers and derive over 50 percent of gross revenue from the sale of personal data. Key provisions. Key provisions. business-to-business) or employment context.

Personal data

Personal data Sales GDPR Privacy

Is your school GDPR-compliant? Use our checklist to find out

IT Governance

MARCH 28, 2019

How was it possible for someone to be so misguided about such a well-publicised regulation, the requirements of which have huge ramifications for the way organisations handle personal data? It came into effect in May 2018, following much discussion and a last-minute surge from organisations that left compliance until the last minute.

GDPR

GDPR Compliance Data breaches Personal data

A Guide to Key Management as a Service

Thales Cloud Protection & Licensing

JUNE 15, 2023

KMaaS providers typically offer features such as FIPS 140-2 certified Hardware Security Modules (HSMs) to ensure the highest security and compliance for sensitive keys. The benefits of using KMaaS for data security include: 1. Compliance is the foundation to effective data security.

Encryption

Encryption Compliance Cloud Authentication

Make data protection a 2023 competitive differentiator

IBM Big Data Hub

JANUARY 19, 2023

Data privacy regulations, such as the General Data Protection Regulation (GDPR) in the European Union or the California Consumer Privacy Act (CCPA) in the state of California, are inescapable. These efforts must be supported by integrating data privacy and data ethics into an organization’s culture and customer experiences.

Data Privacy

Data Privacy Customer Experience Privacy Compliance

Assessing the Impact of the Barbados’ Proposed Data Protection Bill on the Barbadian Private Sector

Data Matters

SEPTEMBER 24, 2019

The GDPR was designed to harmonize data protection laws across Europe and to protect EU residents’ data privacy rights; and, its coming triggered significant privacy and data protection compliance activities amongst organizations doing business in the EU and working with the personal data of EU residents.

Personal data

Personal data GDPR Data Privacy Privacy

Six eDiscovery Trends for 2024

eDiscovery Daily

JANUARY 10, 2024

The General Data Protection Regulation (GDPR) is an early example of this. Projects in eDiscovery will need to be ever more careful about the collection and handling of personal data. This may be especially true for data that crosses national borders. Laws within nations are evolving as well.

Blockchain

Blockchain Artificial Intelligence Cloud Compliance

MY TAKE: Apple users show strong support for Tim Cook’s privacy war against Mark Zuckerberger

The Last Watchdog

MARCH 8, 2021

consumers a smidgen more control over their personal data while online. McConomy: The stream of news from mainstream media and tech magazines highlighting personal data privacy options and improved regulations, for one. With loyalty comes respect, adherence and compliance.

Privacy

Privacy Personal data Manufacturing Data Privacy

CHINA: new Anti-Espionage Law and its impact on your China data and operations – how your organisation should respond

DLA Piper Privacy Matters

MAY 16, 2023

Following the observation of increased enforcement to target anti-espionage activities, organisations are advised to focus on adopting internal governance mechanisms to ensure compliance with the relevant laws, as well as being ready to react to any potential enforcement action in a responsive manner.

IT

IT Compliance Communications Risk

UK ICO Publishes First Two Reports from its Data Protection Sandbox Pilot

Hunton Privacy

JULY 28, 2020

On July 23, 2020, the UK Information Commissioner’s Office (the “ICO”) published the first two reports of its Data Protection Regulatory Sandbox Beta phase (the “Beta phase”) involving projects by Jisc (a not-for-profit organization serving the higher and further education and skills sectors) and Heathrow Airport Ltd.

IT

IT GDPR Personal data Compliance

The GDPR: A year in review

IT Governance

MAY 23, 2019

To mark the anniversary, we gathered a panel of data protection experts to discuss the effect of the Regulation and the future of data protection. Compliance fatigue’. Compliance is a continuous requirement and although most organisations have made a good start, there is always more to do.”.

GDPR

GDPR Data breaches Compliance Retail

Belgian Privacy Commission Issues Guidance on Data Protection Impact Assessments Under the GDPR

Data Matters

APRIL 5, 2018

The Black List published by the Belgium Privacy Commission sets out that a DPIA will always be required: Where the processing involves the use of biometric data to uniquely identify individuals in a public space or in a private space accessible to the public; Where the personal data is collected from a third party in order to make a decision to refuse (..)

GDPR

GDPR Privacy Personal data Education

Ireland: DPC Produces “Significant Outputs” for 2022 Concluding 17 Large Scale Inquiries

DLA Piper Privacy Matters

MARCH 30, 2023

Two-thirds of the GDPR fines issued by EU data protection authorities last year where from the DPC, illustrating a continued commitment to enforcement. This inquiry involves the processing of personal data in relation to biometric facial templates used in the department’s registration process.

Personal data

Personal data GDPR Compliance Financial Services

CIPL Releases Paper on Privacy-Enhancing and Privacy-Preserving Technologies: Understanding the Role of PETs and PPTs in the Digital Age

Hunton Privacy

DECEMBER 14, 2023

Increase education and awareness about PETs : PET developers and providers need to show tangible evidence of the value of PETs and help policymakers, regulators and organizations understand how such technologies can facilitate responsible data use.

Paper

Paper Privacy Data Privacy Education

5 things HR departments need to know about data protection

IT Governance

OCTOBER 7, 2019

HR plays a crucial role in an organisation’s GDPR (General Data Protection Regulation) compliance. The department is full of personal data, whether it’s of employees, their next of kin or candidates responding to job adverts. Let’s take a look at five issues that HR must address when handling personal data.

GDPR

GDPR Personal data Compliance Communications

President Biden Issues Executive Order Protecting Privacy of Reproductive Health Data

Hunton Privacy

JULY 13, 2022

The FTC warned health apps of their compliance obligations under this rule in September 2021.

Privacy

Privacy Sales Education Compliance

If You’re a Cloud Provider or Consumer, Consider These Guidelines on How to Conduct Yourself in Europe: eDiscovery Best Practices

eDiscovery Daily

NOVEMBER 26, 2017

While we were preparing to eat turkey and stuff ourselves with various goodies last week, the Cloud Security Alliance (CSA) provided an important guideline for compliance with the European Union General Data Protection Regulation (GDPR). With the introduction of GDPR, data protection compliance becomes increasingly risk-based.

Cloud

Cloud GDPR Personal data Compliance

Virginia’s new Consumer Data Protection Act

Data Protection Report

MARCH 8, 2021

Importantly, note the new law’s definition of consumer : “a natural person who is a resident of the Commonwealth acting only in an individual or household context. institution of higher education. Such data security practices shall be appropriate to the volume and nature of the personal data at issue.”.

Personal data

Personal data GDPR Healthcare Sales

62% of organisations unaware of the GDPR

IT Governance

FEBRUARY 23, 2018

There is an alarming lack of awareness across all industries about the EU General Data Protection Regulation (GDPR) , according to a government survey. Almost two thirds (62%) of respondents hadn’t heard of the Regulation, and only about 10% had taken steps to meet its compliance requirements.

GDPR

GDPR Compliance Insurance Personal data

Work Remotely Without Compromising Your Data

AIIM

JANUARY 7, 2021

With an average of 47% of corporate files containing sensitive data, it’s no surprise that the increased risk of data breaches is the top concern for CTOs when it comes to content sprawl. A well-educated and well-informed workforce is one of the best defenses against security risks. Your data is the value.

Unstructured data

Unstructured data Government Artificial Intelligence Risk

What are the Data Subject Rights under the GDPR?

IT Governance

JUNE 15, 2018

Even though the EU General Data Protection Regulation (GDPR) is now in effect, many organisations are still working towards compliance. That’s certainly not the end of the world , but organisations will run into serious problems if they aren’t equipped to deal with data subject rights. The right of access. The right to object.

GDPR

GDPR Personal data Compliance Access

China Issues Draft Data Security Law

Hunton Privacy

JULY 7, 2020

China has lacked a comprehensive data protection and data security law that regulates in detail requirements and procedures relating to the collection, processing, control and storage of personal data. In recent years, China has seen developments on data protection both in legislation and in practice.

Security

Security Military Government Risk

Security Compliance & Data Privacy Regulations

When are schools required to report personal data breaches?

Trending Sources

Government surveying further education providers before Brexit

China Implements Regulation Increasing Protections for Children’s Personal Data

A more sustainable approach to CCPA compliance

7 steps to highly effective GDPR compliance

What UK charities need to know about GDPR compliance

Wake up to the reality of the GDPR: What you need to know about compliance

FINLAND: PARLIAMENT APPROVES NEW ACT ON THE SECONDARY USE OF SOCIAL AND HEALTH CARE PERSONAL DATA

Italy’s Data Protection Authority temporarily blocks ChatGPT over privacy concerns

Connecticut Strengthens Data Breach Notification Requirements and the Uniform Law Commission Approves and Recommends Comprehensive and Uniform State Privacy Legislation

CIPL Submits Response to New Brazilian Data Protection Authority’s First Public Consultation on SMEs

Businesses to Assist NHS Test and Trace Efforts

Texas enacts comprehensive privacy law

Connecticut Makes Five: The Constitution State Enacts Broad Data Privacy Law Effective July 2023

France: The CNIL publishes a practical guide on Data Protection Officers

Hong Kong Personal Data (Privacy) Ordinance Amended

Data Privacy Compliance Isn’t Just for Europe or California Anymore: Data Privacy Trends

FTC Publishes Proposed Order Against Ed Tech Provider Edmodo

Cyber Security Awareness Month – Answering Google’s Most Commonly Asked Questions

Subject access requests: how do I retrieve my data from an organisation?

ASEAN releases Joint Guide to ASEAN Model Contractual Clauses and EU Standard Contractual Clauses and AI Governance Guide

What are the best books on data privacy?

US: Virginia passes comprehensive consumer data protection law

Is your school GDPR-compliant? Use our checklist to find out

A Guide to Key Management as a Service

Make data protection a 2023 competitive differentiator

Assessing the Impact of the Barbados’ Proposed Data Protection Bill on the Barbadian Private Sector

Six eDiscovery Trends for 2024

MY TAKE: Apple users show strong support for Tim Cook’s privacy war against Mark Zuckerberger

CHINA: new Anti-Espionage Law and its impact on your China data and operations – how your organisation should respond

UK ICO Publishes First Two Reports from its Data Protection Sandbox Pilot

The GDPR: A year in review

Belgian Privacy Commission Issues Guidance on Data Protection Impact Assessments Under the GDPR

Ireland: DPC Produces “Significant Outputs” for 2022 Concluding 17 Large Scale Inquiries

CIPL Releases Paper on Privacy-Enhancing and Privacy-Preserving Technologies: Understanding the Role of PETs and PPTs in the Digital Age

5 things HR departments need to know about data protection

President Biden Issues Executive Order Protecting Privacy of Reproductive Health Data

If You’re a Cloud Provider or Consumer, Consider These Guidelines on How to Conduct Yourself in Europe: eDiscovery Best Practices

Virginia’s new Consumer Data Protection Act

62% of organisations unaware of the GDPR

Work Remotely Without Compromising Your Data

What are the Data Subject Rights under the GDPR?

China Issues Draft Data Security Law

Stay Connected