Data Protection Report

JANUARY 9, 2023

With the year 2022 firmly in the rear view, and as we look to start the new year in 2023, Norton Rose Fulbright’s Regulatory Compliance and Investigations team looks back and rounds up the five key cyber and data protection developments that took place in Southeast Asia in 2022. . in damages to its customer over data leak.

Cybersecurity 114

Cybersecurity Personal data Data breaches Ransomware 114

ARMA International

OCTOBER 16, 2019

Almost all cross-border documents that might be sought in litigation will contain at least some personal information. See the GDPR, Regulation (EU) 2016/679 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC [2016] OJ L119/1, 33.

Compliance 55

Compliance e-Discovery GDPR Privacy 55

Security Affairs

OCTOBER 20, 2020

This is where data privacy comes into play and organizations are looking for data privacy management softwares that can fulfill their data privacy needs, while complying with data regulations in order to avoid fines. Tracking Personal Data.

Data Privacy 100

Data Privacy Privacy GDPR Compliance 100

Thales Cloud Protection & Licensing

APRIL 13, 2021

Businesses need to evolve their identity management program to a cloud-based, modern Identity and Access Management (IAM) strategy to “enable the right individuals to access the right resources at the right times for the right reasons,” as Gartner notes. A Comprehensive Guide to Authentication Mechanisms: [link]. Data security.

Authentication 77

Authentication Security Cloud Digital transformation 77

ARMA International

APRIL 18, 2022

By doing this, an organization retains necessary business information while saving money and resources by disposing of unnecessary information that would otherwise drive up the cost of storage, data migration, and litigation. Introduction to Data Protection Laws.

Personal data 100

Personal data GDPR Privacy Records Management 100

IT Governance

JUNE 13, 2019

If your organisation is subject to the GDPR (General Data Protection Regulation) , you’re probably aware of your requirement to “implement appropriate technical and organisational measures” to protect the personal data you hold. An essential principle of this is data protection by design and by default.

GDPR 90

GDPR Personal data Compliance Privacy 90

Hunton Privacy

FEBRUARY 8, 2021

The ANPD’s regulatory strategy for 2021-2023 sets forth the agency’s vision for becoming a reference, nationally and internationally, with respect to data protection matters. Transparency. In addition, the ANPD will issue a status report on its progress with respect to the work plan every six months. Initial Investigations.

Data breaches 138

Data breaches Data Privacy Compliance Privacy 138

DLA Piper Privacy Matters

JUNE 18, 2020

So, there will be no rescuing CCPA “businesses” from compliance with the CCPA. So, what is a Chief Privacy Officer to do about CCPA compliance amidst this uncertainty – not to mention the chaos and dramatic recession brought on by COVID-19?

Privacy 84

Privacy Compliance Sales Risk 84

Data Protection Report

DECEMBER 23, 2019

The most significant action came in October, when the Berlin Commissioner for Data Protection and Freedom of Information issued a €14.5million fine against German real estate company, Deutsche Wohnen SE, relating to the excessive retention of personal data. Or it could mean separate country or regional schedules.

Privacy 52

Privacy Compliance Personal data Risk 52

Data Matters

SEPTEMBER 18, 2020

The first part seeks to further clarify the meaning of these concepts—which are crucial in determining compliance responsibilities under the GDPR—by reference to various examples. In the case of a “converging decision”, the EDPB notes that each party must be inseparable and “inextricably linked”.

GDPR 97

GDPR Personal data Compliance Access 97

IT Governance

JANUARY 5, 2024

Networks have moved from self-contained, on-site setups to multiple Cloud services that are accessed remotely by staff and resources. These problems are compounded by a lack of resources – from a funding perspective, but also in terms of skills shortages. In view of those risks, how can I optimise my resources?

Cloud 118

Cloud Risk Access Security 118

Data Matters

SEPTEMBER 24, 2019

The GDPR was designed to harmonize data protection laws across Europe and to protect EU residents’ data privacy rights; and, its coming triggered significant privacy and data protection compliance activities amongst organizations doing business in the EU and working with the personal data of EU residents.

Personal data 68

Personal data GDPR Data Privacy Privacy 68

DLA Piper Privacy Matters

JANUARY 28, 2022

In Asia Pacific, China ’s Personal Information Protection Law (PIPL) came into force. This consolidates obligations on processing of personal information at a national law level, but still leaves to be determined in the future through subsequent regulations and guidelines. Our Tools and Resources. billion (USD1.2 / GBP0.9

GDPR 98

GDPR Privacy Data breaches Personal data 98

IT Governance

DECEMBER 13, 2018

This is the deadline given to you under the EU GDPR (General Data Protection Regulation) to report information security incidents to your supervisory authority. Data breaches only need to be reported if they “pose a risk to the rights and freedoms of natural living persons”. Not all breaches need to be reported.

Data breaches 110

Data breaches GDPR Personal data Compliance 110

IT Governance

OCTOBER 24, 2018

This is the deadline given to you under the EU GDPR (General Data Protection Regulation) to report information security incidents to your supervisory authority. Data breaches only need to be reported if they “pose a risk to the rights and freedoms of natural living persons”. Not all breaches need to be reported.

Data breaches 110

Data breaches GDPR Compliance Personal data 110

Hunton Privacy

SEPTEMBER 10, 2020

The concepts of controller and processor play a crucial role in the application of the GDPR since they determine who is responsible for compliance with the GDPR obligations and how individuals (“data subjects”) can exercise their data protection rights in practice. Background.

GDPR 95

GDPR Personal data Data breaches Compliance 95

Collibra

JANUARY 25, 2022

It now covers a consumer, a family, or a device linked to a consumer or family, and includes all forms of persistent or probabilistic identifiers. While the CPRA effective date is still a year away, it’s time to be proactive and strengthen your governance sensitive data categories. How Collibra helps. Regulatory glossary.

Data Privacy 59

Data Privacy Privacy Personal data Government 59

DLA Piper Privacy Matters

MARCH 6, 2023

It also includes processing necessary for the performance of tasks that are “directly linked to” the public interest task. The decision therefore also contains a clear reminder that all pre-GDPR compliance documentation should have been updated by now to avoid sanctions. GDPR can also be relied on. To comply with article 6.3

GDPR 98

GDPR Personal data Compliance IT 98

DLA Piper Privacy Matters

DECEMBER 4, 2017

Under the General Data Protection Regulation (GDPR), companies that process large amounts of sensitive personal data or consistently monitor data subjects on a large scale will be required to appoint a data protection officer (DPO). This does not mean, however, that DPOs are not liable for their activities.

GDPR 40

GDPR Compliance Personal data Privacy 40

IT Governance

OCTOBER 30, 2018

Staff awareness training is a core component of GDPR compliance, yet many organisations haven’t implemented the necessary measures. Verizon estimates than one in four data breaches are caused by insiders. Breaches tend to happen because employees aren’t aware of the risks associated with handling personal data.

GDPR 77

GDPR Government Data breaches Information Security 77

IT Governance

OCTOBER 30, 2018

Staff awareness training is a core component of GDPR compliance, yet many organisations haven’t implemented the necessary measures. Verizon estimates than one in four data breaches are caused by insiders. Breaches tend to happen because employees aren’t aware of the risks associated with handling personal data.

GDPR 77

GDPR Government Data breaches Information Security 77

DLA Piper Privacy Matters

OCTOBER 10, 2022

They can then use this training to interpret new data and form outputs based on the intended process. The use of ML systems gives rise to several questions which lawyers and compliance professionals may be uncertain about answering. For example: How is the data interpreted? How can an outcome be verified as accurate?

Personal data 98

Personal data GDPR Privacy Marketing 98

OpenText Information Management

JANUARY 31, 2024

In litigation, investigations and regulatory compliance matters, legal teams are under intense pressure to deliver superior results on time and within budget. Overturn reporting links to source data – Derive maximum value from overturn reporting by viewing the overturned documents in the results list to see the specific tagging changes.

Analytics 52

Analytics Cloud Data Privacy Compliance 52

Privacy and Cybersecurity Law

AUGUST 5, 2020

Secondly, in most cases where an organisation utilises AI, it will be mandatory to conduct a DPIA – and the ICO suggests that your DPIA process should both comply with data privacy laws generally but also conform to specific standards set out in the Guidance. Statistical accuracy needs to be balanced with the principle of data minimisation.

Artificial Intelligence 59

Artificial Intelligence GDPR Personal data Compliance 59

Data Matters

OCTOBER 26, 2021

However, as the ICO noted, these research purposes will still require safeguards on top of those already present in Article 89(1) of the UK GDPR to prevent a data subject’s personal data being used in unexpected ways. The ICO prefers recital 26, as it is linked to existing legislation and so is a more pragmatic option.

Government 97

Government GDPR IT Personal data 97

HL Chronicle of Data Protection

JUNE 13, 2019

Article 2 of the draft Data Security Measures states that the provisions therein govern all sector data processing activities (including, but not limited to, data collection, retention, transfer, and processing and use), that use cyber technologies within the territory of the People’s Republic of China.

Personal data 40

Personal data IT Data collection Compliance 40

HL Chronicle of Data Protection

APRIL 5, 2019

Privacy Shield should update their Privacy Shield privacy policies if they have not done so already to ensure that they are able to lawfully receive personal data from the UK post-Brexit. To learn more about the Privacy Shield program, and to view our certification, please visit [link]. Since then, the U.S.

Privacy 40

Privacy Compliance Personal data Government 40

IT Governance

MAY 24, 2021

The victim will either download an attachment that contains malware, or they’ll click a link and hand over sensitive information, such as their login credentials or financial information. This will result in financial losses from the disruption to productivity, and in having to spend time and resources on remediation efforts.

Phishing 122

Phishing Data breaches Passwords Access 122

Collibra

AUGUST 14, 2023

Our framework is informed by our definition of AI governance: AI governance is the application of rules, processes and responsibilities to drive maximum value from your automated data products by ensuring applicable, streamlined and ethical AI practices that mitigate risk, adhere to legal requirements and protect privacy.

Government 52

Government Risk Financial Services Compliance 52

IT Governance

NOVEMBER 28, 2023

For more details on the first core requirement, risk management, see our interview with Andrew Pattison, head of GRC [governance, risk and compliance] consultancy Europe, from two weeks ago. Ultimately, resources are – of course – limited. What is your view on DORA as a whole? What sorts of ICT incidents must be reported under DORA?

Risk 52

Risk Compliance Government Security 52

Thales Cloud Protection & Licensing

JUNE 12, 2018

However, with more data available for analytical purposes, the harder it becomes to protect it across distributed repositories. Industry best practices call for the use of robust encryption solutions to protect sensitive and personal data.

Big data 48

Big data Analytics Authentication e-Discovery 48

IT Governance

MARCH 23, 2018

These messages typically contain a link or an attachment, which the attacker uses to steal the recipient’s personal data or infect their system with malware. Insider threats and privilege misuse , which includes any unauthorised use of organisational resources – whether accidental or malicious.

Data breaches 65

Data breaches Phishing Analytics Information Security 65

IT Governance

DECEMBER 20, 2022

Articles 5(1) and 5(2) state that personal data must be processed lawfully, fairly and in a transparent manner, and that the data controller must be able to demonstrate that it is doing so. Articles 24(1) and 32(1) state that organisations must implement appropriate technical and organisational measures to protect personal data.

Security 132

Security Data breaches Ransomware Military 132

IBM Big Data Hub

FEBRUARY 6, 2024

For example, a recent Kyndril study (link resides outside ibm.com) concluded that infrastructure failure can cost enterprises as much as USD 100,000 per hour, with application failure ranging from USD 500,000 to USD 1 million per hour.

Data breaches 89

Data breaches Phishing Cloud Ransomware 89

IT Governance

MAY 24, 2024

Expert insight from our cyber incident responder Cyber attacks and data breaches are a matter of when, not if. A determined attacker will always be able to find their way around your defences, given enough time and resources. Those people will be affected if anything goes wrong due to mismanagement of their data.

Risk 118

Risk Security Ransomware Phishing 118

Data Protection Report

MAY 23, 2018

The wait is finally over—this Friday the European Union General Data Protection Regulation (GDPR) will come into force. For many readers of this post, a huge amount of work will have been done in recent months in building up to compliance with the new regime. Different departments and systems hold personal data about an individual.

GDPR 40

GDPR Personal data Compliance Data breaches 40

Information is Currency

FEBRUARY 17, 2017

The lead up to it caused me to delay links of the day. Despite years of talking about information governance and compliance, less than half of companies surveyed have a compliance culture — and many companies apparently have no governance strategy at all. Mobile apps give MDM access to personal info. Sorry for the delay.

MDM 40

MDM Big data Information governance Analytics 40