Data Privacy, Examples and Exercises - Information Management Today

CIPL Releases Report on Effective Data Privacy Accountability

Hunton Privacy

JUNE 8, 2020

On June 3, 2020, the Centre for Information Policy Leadership (“CIPL”) at Hunton Andrews Kurth LLP published its report, What Good and Effective Data Privacy Accountability Looks Like: Mapping Organizations’ Practices to the CIPL Accountability Framework (“Report”). Canada, Europe, Asia-Pacific and Latin America.

Data Privacy

Data Privacy Privacy Compliance Risk

Data governance for data privacy

Collibra

MAY 5, 2020

Data must sit in the right hands and it needs to be protected. Organizations need full visibility over their data, where it sits, who has access to it, and why it’s used. They need data governance. . In these unprecedented times, data privacy is a concern in every industry in every corner of the world.

Data Privacy

Data Privacy Government Privacy Compliance

Think differently about data privacy to deliver digital transformation

Collibra

JANUARY 14, 2020

Data privacy isn’t about compliance — it’s about customers. Although much of the ink spilled around data privacy focuses on obeying regulations such as the EU’s General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA), it’s a mistake to think about data privacy as a compliance exercise.

Digital transformation

Digital transformation Data Privacy Privacy IoT

Webinars

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

MORE WEBINARS

Important Changes to the Singapore Data Privacy Regime

Data Matters

NOVEMBER 16, 2020

If you operate in Singapore, handle Singapore data, or maintain a server in Singapore, it is crucial that you have protocols in place to guide employees on what to do when a data breach occurs and consider doing a data breach tabletop exercise. (We NEW mandatory data breach notification requirement.

Data Privacy

Data Privacy Privacy Data breaches Personal data

Big California Privacy News: Legislative and Enforcement Updates

Data Matters

SEPTEMBER 6, 2022

The OAG issued its first CCPA enforcement fine, updated CCPA enforcement examples on the OAG’s CCPA webpage, and made related statements to the press regarding what we can expect in the future from the OAG with respect to CCPA enforcement. New CCPA Enforcement Case Examples – Opt Outs, GPC, Clarity & Functionality Are Top of Mind.

Privacy

Privacy B2B Sales Compliance

CHINA: important new developments in PRC data privacy regulations

DLA Piper Privacy Matters

OCTOBER 31, 2019

staff, data subjects, business partners etc.). Promotion of online mechanisms for users to exercise data subject rights (deletion, de-registration, access, correction, revoke consent etc.). Clarity that data controllers are liable for their data processors’ acts and omissions.

Data Privacy

Data Privacy Privacy Data collection Data breaches

Hackers Use RMM Software to Breach Federal Agencies

eSecurity Planet

JANUARY 27, 2023

“Another example of illegitimate activity is when someone deploys the RMM agent on, say, 100 endpoints in 100 different AD domains.” Implement a user training program and phishing exercises to raise awareness among users. Block inbound and outbound connections on common RMM ports and protocols at the network perimeter.

Phishing

Phishing Data Privacy Cybersecurity Access

UK Supreme Court Grants Google Permission to Appeal Class Action Claim in Lloyd vs Google LLC

Data Matters

JULY 16, 2020

The Court of Appeal considered what is meant by “damage” under section 13 of the DPA and held that damages should be available even without material damage or pecuniary loss as “control over data is an asset that has value.” 2) allows the court, exercising its discretion, to direct that a person may not act as a representative.

Personal data

Personal data GDPR Privacy Data Privacy

5 learnings from the “Meeting the CCPA Challenge” webinar

Collibra

MARCH 12, 2020

Businesses cannot discriminate against a consumer for exercising their rights. Consumers must submit a VCR to exercise their rights and business must respond within 45 days. CCPA and GDPR were just the beginning of a wave of data privacy regulations. 3) Data privacy compliance is interdisciplinary.

Data Privacy

Data Privacy Privacy Government Compliance

GDPR compliance checklist

IBM Big Data Hub

JANUARY 22, 2024

Any company operating in the EU or handling EU residents’ data must adhere to GDPR requirements. The law outlines a set of data privacy rights for users and a series of principles for the processing of personal data. When the GDPR refers to data subjects, it means data subjects who reside in the EEA.

GDPR

GDPR Compliance Personal data Privacy

How to implement the General Data Protection Regulation (GDPR)

IBM Big Data Hub

FEBRUARY 23, 2024

The General Data Protection Regulation (GDPR), the European Union’s landmark data privacy law, took effect in 2018. Yet many organizations still struggle to meet compliance requirements, and EU data protection authorities do not hesitate to hand out penalties. Irish regulators hit Meta with a EUR 1.2

GDPR

GDPR Compliance Personal data Privacy

Colorado AG Publishes Draft Colorado Privacy Act Rules

Hunton Privacy

NOVEMBER 1, 2022

On October 1, 2022, the Colorado Attorney General’s Office submitted an initial draft of the Colorado Privacy Act Rules (“CPA Rules”), which will implement and enforce the Colorado Privacy Act (“CPA”). Below are key examples of topics addressed by the proposed regulations. Summary of Proposed Regulations.

Privacy

Privacy Personal data Data collection Compliance

How to prepare for the California Consumer Privacy Act

Thales Cloud Protection & Licensing

AUGUST 15, 2019

375 the California Consumer Privacy Act (CCPA), making California the first U.S. state to pass its own data privacy law. For example, data collected by an entity may not be associated with an individual but could identify a household. The CCPA, which will come into effect on Jan. Looking into to the future.

Privacy

Privacy GDPR Digital transformation Sales

CCPA compliance: A sustainable approach

Collibra

DECEMBER 30, 2020

Businesses are required to give consumers notice explaining their privacy practices and not discriminate against consumers for exercising their rights under the CCPA. The legislative text specifies a number of examples of PI, although declares that these are not exclusive. . Examples include typical identifiers such as: .

Compliance

Compliance Sales Privacy Data Privacy

Does your use of CCTV comply with the GDPR?

IT Governance

OCTOBER 3, 2019

You must tell people when you’re collecting their personal information to give them the opportunity to exercise their data subject rights. These rights enable individuals to access the personal data organisations store on them and to challenge the way their information is used. Make sure people know they’re being recorded.

GDPR

GDPR Privacy Retail Personal data

GDPR Compliance Obligations: The relationship between Data Controllers and Third-Party Processors

AIIM

JULY 24, 2018

This is the 11th post in a series on privacy by Andrew Pery. Data Privacy and Open Data: Secondary Uses under GDPR. Mitigate Data Privacy and Security Risks with Machine Learning. The Privacy and Security Dichotomy. GDPR and Cross Border Data Flows between the EU and the US: Current State of the Law.

GDPR

GDPR Compliance Privacy Data Privacy

GPEN and National DPAs Publish Sweep Results on Privacy Accountability

Hunton Privacy

MARCH 11, 2019

On March 5, 2019, the Global Privacy Enforcement Network (“GPEN”), a global network of more than 60 data protection authorities (“DPAs”) around the world, published the results of its 2018 intelligence gathering operation on organizations’ data privacy accountability practices (the “Sweep”).

Privacy

Privacy Data Privacy GDPR Personal data

Japan: Protection of Personal Information (APPI) Act to be Amended: Is your Business Ready?

DLA Piper Privacy Matters

AUGUST 3, 2020

Also, under the current APPI, data subjects may exercise the right of deletion and cessation of use of personal data only if a PIH Operator [1] (i) has obtained the personal data by deceit or other improper means; or (ii) uses such personal data beyond the necessary scope to achieve the purpose of use [2].

Personal data

Personal data Data breaches Compliance Analytics

What is data protection by design and default

IT Governance

JUNE 13, 2019

In this blog, we explain how data protection by design and by default works, and provide examples of the steps you should take to achieve it. What is data protection by design? Examples of data protection by design. Examples of data protection by default.

GDPR

GDPR Personal data Compliance Privacy

Driving GDPR Compliance

Collibra

FEBRUARY 25, 2021

The General Data Protection Regulation (GDPR) mandates businesses to make provisions for EU citizens to exercise their right to access and control their personal data, including the export of personal data outside the EU. GDPR adds more granular and secure data governance requirements. Conclusion.

GDPR

GDPR Compliance Personal data Data Privacy

MY TAKE: COVID-19’s silver lining could turn out to be more rapid, wide adoption of cyber hygiene

The Last Watchdog

MAY 11, 2020

There is, in fact, deep consensus about how to protect sensitive data and ensure the overall security of corporate networks. Still, over time, they’ve been woven into baseline data security regulations far and wide. NIST specs are echoed in the data loss disclosure and data privacy laws that have cropped up in many U.S.

Computer and Electronics

Computer and Electronics Encryption Cybersecurity Privacy

FRANCE: THE CNIL PUBLISHES ITS DATA PRIVACY IMPACT ASSESSMENT (DPIA) GUIDELINES AND A LIST OF PROCESSING OPERATIONS SUBJECT TO A DPIA

DLA Piper Privacy Matters

NOVEMBER 19, 2018

In the continuity of this accompaniment, the CNIL published on November 6th 2018 its DPIA guidelines supplementing the G29 Working Party’s opinion on DPIA along with its DPIA list which gives concrete examples of data processing operations likely to result in a high risk. This concerns: Health data.

Data Privacy

Data Privacy IT GDPR Privacy

5 Steps to build an enterprise data protection framework

Collibra

JANUARY 14, 2021

Data Privacy Day is celebrated on 28th of January every year. The new work-from-home norm and consumer contract tracing apps are 2020 solutions that further complicate how organizations’ have traditionally safeguarded data. Alternatively, you might want to use your GRC (Governance, Risk, and Compliance) tool for this.

Compliance

Compliance Government Risk Privacy

Takeaways From CCPA Public Forums

Data Matters

FEBRUARY 12, 2019

When California Governor Jerry Brown signed the California Consumer Privacy Act (CCPA) into law on June 28, 2018, there was broad agreement that revisions and clarifications were necessary. For example, a company might track a user’s web browsing to facilitate online advertisements, but not link the data to a specific consumer.

Sales

Sales Privacy Data Privacy Compliance

What it Takes to Be Your Organisation’s DPO or Data Privacy Lead

IT Governance

DECEMBER 6, 2023

As privacy professionals, we see consumers exercising their rights to withdraw consent to their data being processed via ‘opt out’ or ‘unsubscribe’ buttons, for example. Privacy is international It’s not just the EU GDPR, the UK GDPR and the DPA 2018 that we may need to ensure compliance with.

Data Privacy

Data Privacy Privacy GDPR IT

New SEC Cybersecurity Rules Could Affect Private Companies Too

eSecurity Planet

SEPTEMBER 23, 2022

Also read: Security Compliance & Data Privacy Regulations. For example, in the Enron financial fraud, executives and board members claimed ignorance or that they could not understand the financial maneuvering of Enron’s CFO (chief financial officer). SOX: A Template of Success. SOX: Consequences.

Cybersecurity

Cybersecurity Compliance Risk Communications

Assessing the Impact of the Barbados’ Proposed Data Protection Bill on the Barbadian Private Sector

Data Matters

SEPTEMBER 24, 2019

The GDPR was designed to harmonize data protection laws across Europe and to protect EU residents’ data privacy rights; and, its coming triggered significant privacy and data protection compliance activities amongst organizations doing business in the EU and working with the personal data of EU residents.

Personal data

Personal data GDPR Data Privacy Privacy

Navigating China: The digital journey

DLA Piper Privacy Matters

NOVEMBER 5, 2019

Episode 6: Further developments in PRC data privacy regulations. staff, data subjects, business partners etc.). Promotion of online mechanisms for users to exercise data subject rights (deletion, de-registration, access, correction, revoke consent etc.). avoid excessive data collection).

Data collection

Data collection Data breaches Privacy Information Security

Hello. Goodbye… Goodbye. Hello

ARMA International

JULY 17, 2023

So, caution should be exercised. It would be great if the whole exercise could be completed in a few days, but in reality, it can take several weeks — if not months — to track down dispersed data, evaluate it, decide on its fate, and enact that fate. The cost of senior lawyer time alone is considerable.

Information governance

Information governance Government Risk IT

Data strategy in three steps: Inside Collibra’s Data Office

Collibra

FEBRUARY 5, 2020

At Collibra, we’ve broken our data strategy down into three high level objectives: the infrastructure, data products and sharing what we learn. We want to be the leading example so our data strategy can be summarized as follows: “It is 2025 – do you know what your data office looks like?”. 3: Sharing is caring.

Marketing

Marketing Analytics Cloud Data Privacy

GDPR is upon us: are you ready for what comes next?

Data Protection Report

MAY 23, 2018

We have shared below some interesting points that we’ve seen arising recently, all of which relate to how things are likely to develop from today onwards, including enforcement predictions, challenges related to operationalizing data subject access procedures, and how the GDPR may change the data privacy litigation landscape in Europe.

GDPR

GDPR Personal data Compliance Data breaches

Why Personal Data Privacy Needs a Customer-centric Focus

Collibra

MAY 1, 2019

When it comes to personal data privacy, it can be hard to see the forest for the trees. Headlines and social media are dominated by data breaches, resulting in both reputational and financial loss. In all of this, the customer’s relationship with both personal data privacy and the organization itself can get lost.

Personal data

Personal data Data Privacy Privacy GDPR

Ireland/EU: Irish DPC bans Meta’s EU-US data flows and issues record €1.2bn fine

DLA Piper Privacy Matters

MAY 23, 2023

Concerns about further disruption to transatlantic data transfers are by no means limited to Meta. The EDPB issued a binding determination to resolve the CSAs’ dispute over whether the DPC also should fine Meta and order it to bring its processing into compliance with the GDPR.

Personal data

Personal data GDPR Risk Privacy

Pennsylvania Supreme Court holds common law duty for employers extends to protecting sensitive employee information

Data Protection Report

DECEMBER 7, 2018

Rather, the duty arises under the common law rule that when an actor takes an affirmative action, that actor must exercise reasonable care to protect others from an unreasonable risk of harm from such act. The duty is one to exercise reasonable care, which may be different depending on the size and resources of a particular company.

Data breaches

Data breaches Computer and Electronics Risk Security

Information Governance Challenges and How to Address Them

Gimmal

JUNE 10, 2022

DEAN: There’s a long answer to that, but I would say that the shortest answer possible is that they need to be brought current into the new legislative and data privacy regime that we’re seeing out there. It must all be in a central location, but policing that isn’t always easy. CRAIG: It’s going to become a lot more active.

Information governance

Information governance Government Privacy Risk

FRANCE: New Data Protection Law has been Adopted

DLA Piper Privacy Matters

MAY 16, 2018

French rules adopted on the basis of GDPR apply to the extent the data subject is a French resident, even when the data controller is not established in France (with an exception for processing carried out for journalistic purposes or the purpose of academic, artistic or literary expression). Processing of criminal records.

GDPR

GDPR Personal data Compliance Data Privacy

A Close Up Look at the Consumer Data Broker Radaris

Krebs on Security

MARCH 8, 2024

8, 2024, a company called Atlas Data Privacy Corp. sued Radaris LLC for allegedly violating “ Daniel’s Law ,” a statute that allows New Jersey law enforcement, government personnel, judges and their families to have their information completely removed from people-search services and commercial data brokers.

Privacy

Privacy Data Privacy Government Marketing

UK Justice Select Committee Opinion Critiques the EU Data Protection Framework Proposals

Hunton Privacy

NOVEMBER 2, 2012

It endorses the use of a Regulation, however, as the correct instrument for updating the data privacy framework in the EU. The Committee suggests that the use of such terminology could “create unrealistic expectations, for example in relation to search engines and social media.”

Data Privacy

Data Privacy Personal data Access Government

One week into GDPR – what you need to know

Data Protection Report

JUNE 4, 2018

Certain American news publications decided to shut themselves off to European users on their websites, a first series of complaints were filed against US tech giants and their subsidiaries, and the European Commission, in an embarrassing turn of events, was found to have had a data leak on one of its websites, Europa.eu.

GDPR

GDPR Compliance Personal data Privacy

How to Prevent Malware: 15 Best Practices for Malware Prevention

eSecurity Planet

OCTOBER 24, 2023

The stakes are even higher for businesses, government and other organizations, as successful attacks can be devastating to operations and sensitive data. Exercise Caution with Emails The first two items on this list could be lumped together with a single warning: Don’t click. This will help improve your data privacy too.

Passwords

Passwords Encryption Authentication Phishing

New China Guideline for Internet Personal Information Security Protection

Data Protection Report

DECEMBER 5, 2018

The MPS has long been involved in data security through its multi-level protection system under the Multi-Level Protection Measures, but it has not to date exercised a great deal of power over matters of personal information protection. The draft Guideline therefore represents the MPS’s most recent major foray into this area.

Information Security

Information Security Security Authentication Passwords

California Consumer Privacy Act: The Challenge Ahead – A Comparison of 10 Key Aspects of The GDPR and The CCPA

HL Chronicle of Data Protection

OCTOBER 3, 2018

The CCPA does require businesses to disclose a significant amount of information in their online privacy policies, including some categories not required by the GDPR. Businesses are prohibited from discriminating against consumers who exercise their rights under the CCPA. 9. Anti-Discrimination / Compelled Consent.

GDPR

GDPR Privacy Personal data Sales

California Consumer Privacy Act: The Challenge Ahead – A Comparison of 10 Key Aspects of The GDPR and The CCPA

HL Chronicle of Data Protection

OCTOBER 3, 2018

The CCPA does require businesses to disclose a significant amount of information in their online privacy policies, including some categories not required by the GDPR. Businesses are prohibited from discriminating against consumers who exercise their rights under the CCPA. 9. Anti-Discrimination / Compelled Consent.

GDPR

GDPR Privacy Personal data Sales

California Consumer Privacy Act: The Challenge Ahead – A Comparison of 10 Key Aspects of The GDPR and The CCPA

HL Chronicle of Data Protection

OCTOBER 3, 2018

The CCPA does require businesses to disclose a significant amount of information in their online privacy policies, including some categories not required by the GDPR. Businesses are prohibited from discriminating against consumers who exercise their rights under the CCPA. 9. Anti-Discrimination / Compelled Consent.

GDPR

GDPR Privacy Personal data Sales

CIPL Releases Report on Effective Data Privacy Accountability

Data governance for data privacy

Webinars

Trending Sources

Think differently about data privacy to deliver digital transformation

Webinars

Important Changes to the Singapore Data Privacy Regime

Big California Privacy News: Legislative and Enforcement Updates

CHINA: important new developments in PRC data privacy regulations

Hackers Use RMM Software to Breach Federal Agencies

UK Supreme Court Grants Google Permission to Appeal Class Action Claim in Lloyd vs Google LLC

5 learnings from the “Meeting the CCPA Challenge” webinar

GDPR compliance checklist

How to implement the General Data Protection Regulation (GDPR)

Colorado AG Publishes Draft Colorado Privacy Act Rules

How to prepare for the California Consumer Privacy Act

CCPA compliance: A sustainable approach

Does your use of CCTV comply with the GDPR?

GDPR Compliance Obligations: The relationship between Data Controllers and Third-Party Processors

GPEN and National DPAs Publish Sweep Results on Privacy Accountability

Japan: Protection of Personal Information (APPI) Act to be Amended: Is your Business Ready?

What is data protection by design and default

Driving GDPR Compliance

MY TAKE: COVID-19’s silver lining could turn out to be more rapid, wide adoption of cyber hygiene

FRANCE: THE CNIL PUBLISHES ITS DATA PRIVACY IMPACT ASSESSMENT (DPIA) GUIDELINES AND A LIST OF PROCESSING OPERATIONS SUBJECT TO A DPIA

5 Steps to build an enterprise data protection framework

Takeaways From CCPA Public Forums

What it Takes to Be Your Organisation’s DPO or Data Privacy Lead

New SEC Cybersecurity Rules Could Affect Private Companies Too

Assessing the Impact of the Barbados’ Proposed Data Protection Bill on the Barbadian Private Sector

Navigating China: The digital journey

Hello. Goodbye… Goodbye. Hello

Data strategy in three steps: Inside Collibra’s Data Office

GDPR is upon us: are you ready for what comes next?

Why Personal Data Privacy Needs a Customer-centric Focus

Ireland/EU: Irish DPC bans Meta’s EU-US data flows and issues record €1.2bn fine

Pennsylvania Supreme Court holds common law duty for employers extends to protecting sensitive employee information

Information Governance Challenges and How to Address Them

FRANCE: New Data Protection Law has been Adopted

A Close Up Look at the Consumer Data Broker Radaris

UK Justice Select Committee Opinion Critiques the EU Data Protection Framework Proposals

One week into GDPR – what you need to know

How to Prevent Malware: 15 Best Practices for Malware Prevention

New China Guideline for Internet Personal Information Security Protection

California Consumer Privacy Act: The Challenge Ahead – A Comparison of 10 Key Aspects of The GDPR and The CCPA

California Consumer Privacy Act: The Challenge Ahead – A Comparison of 10 Key Aspects of The GDPR and The CCPA

California Consumer Privacy Act: The Challenge Ahead – A Comparison of 10 Key Aspects of The GDPR and The CCPA

Stay Connected