IBM Big Data Hub

FEBRUARY 23, 2024

The General Data Protection Regulation (GDPR), the European Union’s landmark data privacy law, took effect in 2018. Yet many organizations still struggle to meet compliance requirements, and EU data protection authorities do not hesitate to hand out penalties. Irish regulators hit Meta with a EUR 1.2

GDPR 76

GDPR Compliance Personal data Privacy 76

DLA Piper Privacy Matters

MARCH 24, 2021

Issues to be addressed include: Data privacy: compliant privacy notices/consents must be given to/obtained from customers using or buying via e-commerce or livestreaming platforms, sites, apps and services on or before collection or use of personal data, including appropriate direct marketing opt-ins and unsubscribe functions.

Personal data 111

Personal data Data Privacy Marketing Compliance 111

DLA Piper Privacy Matters

DECEMBER 3, 2021

45 of 2021 on the Protection of Personal Data Protection (“ PDPL ”), which was issued on 26 September 2021. In this regard we expect it will be welcomed by local, regional and international businesses, in particular those that rely heavily upon personal data and international personal data flows.

Personal data 105

Personal data Data breaches GDPR Compliance 105

Data Protection Report

MARCH 21, 2023

We had previously written about an FTC proposed consent order that would prohibit a company from perpetual retention of personal health information. that would prohibit the company from perpetual retention of personal information—a broader category. million settlement.

Privacy 59

Privacy Compliance Personal data Government 59

Thales Cloud Protection & Licensing

DECEMBER 11, 2023

This means finding data wherever it is within an organization’s IT systems and layering in context for classification to enhance the efficiency and accuracy of results. 1) Pattern Matching : The foundational classification method for data, this technique matches known patterns to information that lives in your data.

Unstructured data 83

Unstructured data Cloud Data Privacy GDPR 83

Data Matters

APRIL 5, 2018

On 28 February 2018, the Belgian Commission for the Protection of Privacy (the “Privacy Commission”) published a recommendation setting out its approach to Data Protection Impact Assessments (“DPIAs”), and in doing so published a “White List” and a “Black List” of processing operations, pursuant to the General Data Protection Regulation (“GDPR”).

GDPR 92

GDPR Privacy Personal data Education 92

IT Governance

OCTOBER 15, 2019

3 GDPR compliance tips for small businesses. GDPR: What’s the difference between personal data and sensitive data? There are also times when you must also complete a specific type of risk assessment, called a DPIA (data protection impact assessment) , to review the way you process personal data.

GDPR 71

GDPR Risk Compliance Personal data 71

ARMA International

APRIL 18, 2022

These records are typically organized by grouping them by function or department and then described as either an individual record or grouped together into a record category. Introduction to Data Protection Laws. Personal data protection requirements may be issued by federal, state (provincial), or local governments.

Personal data 100

Personal data GDPR Privacy Records Management 100

DLA Piper Privacy Matters

MAY 13, 2020

The Information Commissioner’s Office (“ ICO ”) has published guidance for employers on complying with data protection law when taking steps to manage Covid-19 health and safety risk in the workplace (“ Guidance ”). This means that the usual data protection principles apply. Sharing of data about infected employees.

GDPR 126

GDPR Personal data Risk Privacy 126

DLA Piper Privacy Matters

MARCH 19, 2020

Organisations are looking to adopt measures that support business continuity, whilst appropriately protecting the health and safety of workers, customers etc and complying with wider public health initiatives. sharing information with public health authorities. sharing information with public health authorities.

GDPR 98

GDPR Personal data Compliance Privacy 98

Data Matters

OCTOBER 6, 2022

On 7 September 2022, the Information Commissioner’s Office (“ ICO ”) published draft guidance (“ Guidance ”) on privacy-enhancing technologies (“ PETs ”). It is hoped that the Guidance will help organizations have the confidence to utilize PETs to develop innovative applications without compromising on privacy concerns, or trust.

GDPR 88

GDPR Privacy Encryption Compliance 88

Data Matters

MARCH 12, 2020

In light of the ongoing Coronavirus (COVID-19) pandemic, the ICO has today issued guidance on “Data protection and coronavirus: what you need to know” for data controllers. The ICO has also published advice for health care practitioners. Sharing employee health data with authorities for public health purposes.

GDPR 83

GDPR Communications Privacy Government 83

Thales Cloud Protection & Licensing

JANUARY 16, 2020

Objectives of the Personal Data Protection Bill. Many privacy professionals consider the European Union’s General Data Protection Regulation (GDPR), which took effect in May 2018, as the cornerstone of privacy regulation. GDPR is harmonizing data protection and privacy requirements across the EU.

Personal data 24

Personal data Compliance Data breaches GDPR 24

DLA Piper Privacy Matters

AUGUST 23, 2021

Rather than bringing substantial changes to the existing China data privacy framework, the PIPL helpfully consolidates and clarifies obligations on processing of personal information at a national law level. To be clear, this is not China’s own GDPR.

Data Privacy 111

Data Privacy Privacy Compliance Analytics 111

DLA Piper Privacy Matters

NOVEMBER 29, 2021

Among the organizations that have designated a DPO, the most represented sectors are, unsurprisingly, the public administration, education and health sectors. The DPO is responsible for the monitoring of the organization’s compliance with the GDPR. The Guide is composed of four main Parts : I. Provide information and advice.

GDPR 116

GDPR Compliance Personal data Communications 116

Data Matters

NOVEMBER 4, 2020

The results are in, and California voters have approved the California Privacy Rights Act (CPRA) which was listed on the ballot as Proposition 24. Consumers will also have opt-out rights relating to the use of their personal information in automated decision-making, including consumer profiling. A Closer Look at Key CPRA Provisions.

Privacy 122

Privacy B2B Sales Data breaches 122

Hunton Privacy

APRIL 1, 2020

The Conference of German Data Protection Authorities (“DSK”), the body of the federal and state Data Protection Authorities (“DPAs”) in Germany, recently issued joint recommendations regarding employers’ processing of employee personal data in the context of the coronavirus (“COVID-19”) pandemic.

Personal data 82

Personal data Authentication Communications Risk 82

DLA Piper Privacy Matters

AUGUST 19, 2021

Background On 24 July 2018, the Medicines and Healthcare Products Regulatory Agency (‘ MHRA’ ) executed a search warrant at premises at which personal data was held for which DDL was the controller. The premises belonged to a waste disposal business, tasked with destroying the material in the guise of processor of that personal data.

GDPR 105

GDPR Personal data Compliance Risk 105

Security Affairs

MAY 12, 2021

After the introduction of CCPA and GDPR, much more attention is given to third-party risks, and the privacy terms and conditions users agree to. Global privacy regulations, such as the CCPA and GDPR, were enacted to ensure stricter standards when handling the personal data of consumers. Data Protection.

GDPR 91

GDPR Privacy Personal data Data breaches 91

IT Governance

JULY 25, 2018

As of 25 May 2018, organisations that use CCTV to capture images of individuals are processing personal data as defined by the GDPR (General Data Protection Regulation) and must comply with the Regulation’s requirements. To comply with the data controller’s legal obligations. To protect the data subject’s vital interests.

GDPR 102

GDPR Personal data Privacy Access 102

Hunton Privacy

JULY 28, 2020

The ICO introduced the Regulatory Sandbox service with the goal of demonstrating that data protection can be combined with real world innovative solutions. The Beta phase of the Regulatory Sandbox was launched in September 2019 as a pilot and involves the assessment of ten products and services that use personal data in innovative ways.

IT 91

IT GDPR Personal data Compliance 91

DLA Piper Privacy Matters

SEPTEMBER 10, 2021

where processing is for research purposes, disapplying the current requirement for controllers who collected personal data directly from the data subject to provide further information to the data subject prior to any further processing, where it would require a disproportionate effort to do so.

Government 104

Government Paper Personal data GDPR 104

IT Governance

JUNE 25, 2018

With all the noise, however, it’s possible that the key facts haven’t been heard clearly, especially by those in smaller businesses where there isn’t always a defined person to take the lead for IT. Any and all UK organisations that handle personal data (e.g. But what does compliance look like? So, what are the key facts?

Retail 71

Retail GDPR IT Compliance 71

DLA Piper Privacy Matters

DECEMBER 14, 2018

The Dutch Data Protection Authority ( Autoriteit Persoonsgegevens , “ Dutch DPA “) previously stated that it shall focus its enforcement actions on the public and health sector, and seems to act upon its words. First of all, the focus seems to lie on accountability, one of the core data protection principles.

GDPR 40

GDPR Personal data Insurance Privacy 40

DLA Piper Privacy Matters

FEBRUARY 11, 2020

The DPA will be especially focussing on enhancing GDPR compliance in the following industry sectors: Telecom and media sector , due to the large amount of data they process. Adequate security and the re-use of data are of special importance to the BDPA; Public authorities , due to the large amount of (sensitive) data they process.

IT 81

IT GDPR Compliance Personal data 81

DLA Piper Privacy Matters

JUNE 21, 2021

The speed of its passing has left multinational businesses scrabbling to understand the key compliance obligations. While many of the practical compliance steps will be detailed in measures and guidelines to be published over the coming weeks and months, here’s what we already know: 1. extra-territorial effect) – must comply.

Security 71

Security Compliance Data Privacy Risk 71

Data Matters

NOVEMBER 13, 2020

The publication of the EC’s Draft comes just one day after the European Data Protection Board (EDPB) published its draft recommendations describing how controllers and processors transferring personal data outside the European Economic Area (EEA) may comply with the Schrems II ruling.

Personal data 68

Personal data GDPR Privacy Compliance 68

Hunton Privacy

JULY 11, 2019

Although McDougall pointed to various areas of the industry that are causing the regulator concern, he stated that the ICO’s focus in the short-term is primarily on the use of special category (also known as sensitive) data processed as part of real-time bidding, such as race, religion and mental health. This is simple stuff.”.

GDPR 55

GDPR Marketing Personal data Compliance 55

DLA Piper Privacy Matters

MAY 14, 2018

The Italian privacy law integrating the GDPR has been finalized by the Board of Ministers, unveiling unexpected surprises a few days before the 25th of May 2018. The Italian Board of Ministers issued the final text of the legislative decree integrating the EU General Data Protection Regulation.

GDPR 45

GDPR Privacy Systems administration Compliance 45

DLA Piper Privacy Matters

OCTOBER 10, 2022

For example, the ML system could be used to determine likely trends of categories of persons to default on loan agreements through the processing of financial default information. During the development and training of their algorithms, ML systems begin to adapt and recognise patterns within its data.

Personal data 98

Personal data GDPR Privacy Marketing 98

Data Matters

FEBRUARY 10, 2020

Summarised below are the key takeaways from the Draft Code: Service messages: According to the Draft Code, consent is not required under the Privacy and Electronic Communications Regulation ( PECR ) where an organisation sends service or operational messages to individuals (e.g.,

Marketing 68

Marketing GDPR Personal data Communications 68

HL Chronicle of Data Protection

SEPTEMBER 14, 2018

101 of 10 August 2018 (the “Decree”) for the national implementation of General Data Protection Regulation (EU) 2016/679 (the “GDPR”) has been published in the Official Journal. The provisions of the Privacy Code adopted to implement the e-Privacy Directive will of course remain in force.

GDPR 40

GDPR Personal data Privacy Communications 40

Data Matters

JUNE 29, 2018

Jerry Brown signed into law the California Consumer Privacy Act of 2018 (AB 375). It is intended to give consumers more transparency regarding and control over their data and establishes highly detailed requirements for what companies that collect personal data about California residents must disclose. .

GDPR 79

GDPR Privacy Sales Data breaches 79

HL Chronicle of Data Protection

SEPTEMBER 18, 2017

The Information Commissioner’s Officer (ICO) ruled, on 3 July 2017, that the Royal Free NHS Foundation Trust (the Trust) had failed to comply with the Data Protection Act 1998 (DPA) when it provided 1.6 The development phase had already taken place but that phase had used synthetic data or dummy data so did not raise any data privacy issues.

GDPR 40

GDPR Personal data Privacy Data Privacy 40

Data Protection Report

APRIL 16, 2020

The DPC will allow a period of six months from the date of publication of the Guidance for data controllers to bring their websites and mobile apps into compliance, after which enforcement action will commence. A cookie consent banner must not obscure the text of the privacy or cookie notice.

Analytics 87

Analytics Data collection Compliance Privacy 87

DLA Piper Privacy Matters

APRIL 9, 2018

Italian companies can now rely on guidelines on how to comply with the European privacy regulation (GDPR) which unvail some interesting positions. . As already provided by the current regime, any type of processing of personal data needs to have a legal basis justifying it. Longer privacy information notice, but multi-layer.

GDPR 40

GDPR Personal data Privacy Data breaches 40

Privacy and Cybersecurity Law

NOVEMBER 9, 2018

Consumer privacy rights in California are well established. The California Constitution expressly grants California citizens a right to privacy. Derives 50% or more of annual revenues from selling consumer “personal information”. The International Association of Privacy Professionals estimates at least 500,000 U.S.

Privacy 58

Privacy Sales Education Compliance 58