Data Matters

NOVEMBER 4, 2020

Changes to the Definition of Businesses Subject to the CPRA. The CPRA adjusts its definition of a “business” as defined by the CCPA; broadening the scope in some cases, and narrowing it in others. The CPRA expanded the definition of a business in several respects. However, in some cases, the definition of “business” is narrowed.

Privacy 122

Privacy B2B Sales Data breaches 122

ARMA International

APRIL 18, 2022

The purpose of this article is to remove the fear and intimidation of domestic and global data protection laws and show how these laws and requirements are consistent with the existing objectives of your records retention schedule and information governance policy. Definition and Purpose of a Records Retention Schedule.

Personal data 100

Personal data GDPR Privacy Records Management 100

IT Governance

NOVEMBER 28, 2023

At the end of each month, these incidents – and any others that we find – will be used to inform our monthly analysis of data breaches and cyber attacks. We’ve also included more details on the top 3 biggest breaches of the week. The ‘enforcement’ and ‘other news’ categories remain unchanged.

Data Privacy 52

Data Privacy Privacy Energy and Utilities Data breaches 52

erwin

DECEMBER 20, 2018

The driving factors behind data governance adoption vary. Whether implemented as preventative measures (risk management and regulation) or proactive endeavors (value creation and ROI), the benefits of a data governance initiative is becoming more apparent. Defining Data Governance. to Data Governance 2.0

Government 40

Government Financial Services GDPR Data breaches 40

IBM Big Data Hub

JANUARY 22, 2024

The General Data Protection Regulation (GDPR) is a European Union (EU) law that governs how organizations collect and use personal data. Any company operating in the EU or handling EU residents’ data must adhere to GDPR requirements. Schools, hospitals and government agencies all fall under GDPR authority.

GDPR 82

GDPR Compliance Personal data Privacy 82

IBM Big Data Hub

FEBRUARY 23, 2024

The General Data Protection Regulation (GDPR), the European Union’s landmark data privacy law, took effect in 2018. Yet many organizations still struggle to meet compliance requirements, and EU data protection authorities do not hesitate to hand out penalties. Irish regulators hit Meta with a EUR 1.2

GDPR 77

GDPR Compliance Personal data Privacy 77

Hunton Privacy

OCTOBER 14, 2021

During the week of October 4, 2021, California Governor Gavin Newsom signed into law bills amending the California Privacy Rights Act of 2020 (“CPRA”), California’s data breach notification law and California’s data security law. Genetic Data: California Data Breach Notification and Data Security Law Amendment Bill.

Privacy 98

Privacy Insurance Security Data breaches 98

eSecurity Planet

DECEMBER 22, 2021

If your organization isn’t located in China but holds data on Chinese citizens, you must establish either an office or designated representative in China and register that information with the appropriate government officials. If none of those are applicable to you, then you need to get consent from each person you’re keeping data on.

GDPR 144

GDPR Compliance Data Privacy Privacy 144

Data Protection Report

JANUARY 6, 2020

The Court of Justice of the European Union (CJEU) will determine the validity of the EU Standard Contractual Clauses (SCCs) ( Data Protection Commissioner v Facebook Ireland Limited, Maximillan Schrems ) whilst the General Court of the EU will consider the future of Privacy Shield (La Quadrature du Net v Commission).

Privacy 85

Privacy GDPR Data breaches Risk 85

Data Matters

JULY 28, 2021

Other states have taken a more limited approach, most notably Nevada, which increased the scope of the right to opt out of personal data sales under its targeted privacy law. Applicability and Definitions. After signing the CPA into law, Gov. ” Additionally, Gov. ” Additionally, Gov. Despite Gov.

Privacy 88

Privacy Sales Personal data Compliance 88

Data Matters

JUNE 26, 2018

6 general election ballot. This initiative would likely create a de facto national standard on transparency around third-party sharing as well as consumer rights to restrict data sharing and could affect many business models that depend on data monetization to offer a free good or service. biometric data.

Privacy 60

Privacy GDPR Sales Data breaches 60

Data Matters

FEBRUARY 12, 2019

Against this backdrop, and with less than a year before the CCPA goes into effect on January 1, 2020, eyes are now increasingly turning to the California Attorney General (AG). The forums won’t likely provide definitive answers, they will likely provide some of the best information available. Definition of Unique Identifiers.

Sales 74

Sales Privacy Data Privacy Compliance 74

DLA Piper Privacy Matters

DECEMBER 3, 2021

There are also new requirements around transfers of data outside of the UAE and requirements to keep data secure, and to notify the new data protection regulator, and in some circumstances data subjects, of data breaches. Definitions. What does the PDPL cover and who does it apply to? Exceptions.

Personal data 105

Personal data Data breaches GDPR Compliance 105

Data Protection Report

APRIL 23, 2018

The measure would expand the definition of personal information to include categories such as biometric data, commercial activity, internet browsing activity, geolocation data, IP address information, and any inferences drawn about consumers from this data.

Privacy 40

Privacy GDPR Data breaches Marketing 40

Hunton Privacy

SEPTEMBER 16, 2019

Adds definitions of “contractor,” “director,” “medical staff member,” “officer” and “owner.” (Cal. A business shall not collect additional categories of personal information or use personal information collected for additional purposes without providing the consumer with notice consistent with this section.”. Code § 1798.145(g)(2).

Sales 48

Sales B2B Communications Data breaches 48

Data Matters

AUGUST 5, 2019

On July 25, 2019, Governor Cuomo signed the two bills into law, one which amended the state’s data breach notification law, and another that created additional obligations for data breaches at credit reporting agencies. The Stop Hacks and Improve Electronic Data Security Act.

Cybersecurity 68

Cybersecurity Data breaches Privacy Risk 68

Data Protection Report

JANUARY 6, 2020

The Court of Justice of the European Union (CJEU) will determine the validity of the EU Standard Contractual Clauses (SCCs) ( Data Protection Commissioner v Facebook Ireland Limited, Maximillan Schrems ) whilst the General Court of the EU will consider the future of Privacy Shield (La Quadrature du Net v Commission).

Privacy 52

Privacy GDPR Data breaches Risk 52

Data Matters

JULY 14, 2022

As the year approaches its halfway point, Chinese government accelerates the legislation for cross-border data transfers. Certification Rules for Cross-Border Data Processing Activities Are Finalized. If any material aspects of the cross-border data transfer (e.g., – Clause 2 Obligations of the data exporter.

Compliance 97

Compliance Risk Data breaches Cybersecurity 97

Data Matters

JUNE 29, 2018

According to the bill’s author, it was consciously designed to emulate the new European General Data Protection Regulation (GDPR) that went into effect on May 25, and if and when it goes into effect, it would constitute the broadest privacy law in the United States. The definition of personal information under AB 375 is expansive.

GDPR 79

GDPR Privacy Sales Data breaches 79

Data Protection Report

MARCH 16, 2022

The relevant portions of the law, titled the Cyber Incident Reporting for Critical Infrastructure Act of 2022 (“Act”) proposes reporting requirements for incidents, establishes new programs to curtail ransomware attacks and encourages information sharing between government agencies. New Government Programs. Reporting Requirements.

Ransomware 59

Ransomware FOIA Agriculture Cybersecurity 59

eSecurity Planet

JUNE 17, 2022

The National Institute of Standards and Technology (NIST) publication SP 800-207 provides a similar and consistent definition for zero trust. We can generally interpret these definitions as encouragement to treat all resources as if they are fully exposed to the internet and as if all users are attacking. Zero Trust Hype.

Cloud 122

Cloud Authentication Access Security 122

Data Matters

OCTOBER 23, 2019

Businesses, consumer advocates, and privacy watchers have thus been eagerly waiting for over a year for the Attorney General to propose the regulations the CCPA requires him to promulgate. As laid out below, the nature and breadth of the Attorney General’s proposed regulations explain why they took so long to produce.

Sales 60

Sales Privacy Passwords Compliance 60

IT Governance

DECEMBER 19, 2023

At the end of each month, these incidents – and any others that we find – will be used to inform our monthly analysis of data breaches and cyber attacks. We’re also introducing two new categories this week: ‘AI’ and ‘Key dates’. Data breached: personal data belonging to 14,690,284 individuals.

Data Privacy 52

Data Privacy Manufacturing Privacy Energy and Utilities 52

Data Matters

JUNE 29, 2018

According to the bill’s author, it was consciously designed to emulate the new European General Data Protection Regulation (GDPR) that went into effect on May 25, and if and when it goes into effect, it would constitute the broadest privacy law in the United States. The definition of personal information under AB 375 is expansive.

GDPR 60

GDPR Privacy Sales Data breaches 60

Privacy and Cybersecurity Law

NOVEMBER 8, 2018

In the aftermath of the Cambridge Analytica scandal, and in the footsteps of Europe’s General Data Protection Regulation (“GDPR”), California privacy advocates introduced a ballot initiative on October 12, 2017 called “The Consumer Right to Privacy Act of 2018” (No. The CCPA’s definition of “consumer” is equally broad.

Privacy 58

Privacy Sales Compliance Cybersecurity 58

Data Protection Report

JUNE 29, 2018

For companies that have implemented a compliance plan for European Union data subjects under the EU General Data Protection Regulation (“GDPR”), this law means many of the similar protections will now need to be extended to California residents. Consumer access and data portability rights. Private actions.

Privacy 40

Privacy GDPR Personal data Risk 40

Data Protection Report

JUNE 29, 2018

For companies that have implemented a compliance plan for European Union data subjects under the EU General Data Protection Regulation (“GDPR”), this law means many of the similar protections will now need to be extended to California residents. Consumer Access and Data Portability Rights. Private Actions.

Privacy 40

Privacy GDPR Personal data Risk 40

Privacy and Cybersecurity Law

NOVEMBER 9, 2018

In the aftermath of the Cambridge Analytica scandal, and in the footsteps of Europe’s General Data Protection Regulation (“GDPR”), California privacy advocates introduced a ballot initiative on October 12, 2017 called “The Consumer Right to Privacy Act of 2018” (No. The CCPA’s definition of “consumer” is equally broad.

Privacy 58

Privacy Sales Education Compliance 58

HL Chronicle of Data Protection

JUNE 28, 2018

Unlike existing state and federal privacy legislation that has generally focused on specific sectors or privacy issues, the California Consumer Privacy Act of 2018 ( AB 375 ), applies broadly to businesses that collect personal information about California consumers and aims to create significant new consumer privacy rights.

Privacy 40

Privacy GDPR Marketing Data breaches 40

eSecurity Planet

SEPTEMBER 23, 2022

In effect, the law increased criminal and financial liability for managers and board members even as it avoided any definition of financial competence. See the top Governance, Risk & Compliance (GRC) tools. Therefore, we should examine each category and consider what the rules fundamentally request. In fact, the U.S.

Cybersecurity 130

Cybersecurity Compliance Risk Communications 130

Hunton Privacy

SEPTEMBER 1, 2018

Key amendments to the CCPA include: Enforcement : The bill extends by six months the deadline for the California Attorney General (“AG”) to draft and adopt the law’s implementing regulations, from January 1, 2020, to July 1, 2020. The amendments to the CCPA are primarily technical, with few substantive changes. CCPA § 1798.185(a)).

Privacy 49

Privacy Data collection Sales Data breaches 49

DLA Piper Privacy Matters

APRIL 26, 2018

We are now one month away from the historic enforcement of the EU General Data Protection Regulation ( GDPR ) and it is clear that there is still much to do by many Australian organisations to ensure compliance by the 25 May 2018 deadline.

GDPR 40

GDPR Compliance Personal data Privacy 40

Data Matters

SEPTEMBER 29, 2021

Although these proportionality factors began as an integral part of the definition of the scope of discovery, for more than two decades these limitations resided in a separate subsection of the Rule, resulting in considerable confusion and less-than-rigorous enforcement.

Privacy 97

Privacy e-Discovery Computer and Electronics e-Delivery 97

Hunton Privacy

JANUARY 10, 2013

On January 10, 2013, the rapporteur to the EU Parliament’s Committee on Civil Liberties, Justice and Home Affairs (“LIBE”), Jan Philipp Albrecht, presented his draft report (the “Report”) on the proposed amendments to the European Commission’s proposed General Data Protection Regulation (the “Proposed Regulation”) to the LIBE Committee.

Personal data 40

Personal data Data breaches Privacy Communications 40

ARMA International

SEPTEMBER 27, 2021

Thus, common tools and techniques are risk matrices, risk registers, risk logs, risk breakdown structures, risk categories, Monte Carlo simulations, and sensitivity analyses. Take the example of the pandemic: only some governments engaged pandemic experts to develop actions plans. Many organizations have business case templates.

Digital transformation 54

Digital transformation Risk IT Computer and Electronics 54