Data Privacy, Events and Personal data - Information Management Today

When are schools required to report personal data breaches?

IT Governance

NOVEMBER 17, 2020

Under the GDPR (General Data Protection Regulation) , all personal data breaches must be recorded by the organisation and there should be a clear and defined process for doing so. In this blog, we take a look at the scenarios in which data protection breaches in schools must be reported. When must breaches be reported?

Personal data

Personal data Data breaches Data collection GDPR

China’s PIPL has finally arrived, and brings helpful clarification (rather than substantial change) to China’s data privacy framework

DLA Piper Privacy Matters

AUGUST 23, 2021

In good news for organisations handling personal information, China’s Personal Information Protection Law (“ PIPL ”) was finalised on 20 August 2021, and will come into force on 1 November 2021. However, certain personal information (and non-personal data) must still remain in (and cannot be accessed outside of) Mainland China.

Data Privacy

Data Privacy Privacy Compliance Analytics

Singapore’s Public Consultation on proposed changes to the Singapore Personal Data Protection Act

Data Protection Report

MAY 21, 2020

On 14 May 2020, the Singapore Ministry of Communications and Information ( MCI ) and the Personal Data Protection Commission of Singapore ( PDPC ) announced a public consultation (the Public Consultation ) on the draft Personal Data Protection (Amendment) Bill (the Draft Bill ) and related amendments to the Spam Control Act ( SCA ).

Personal data

Personal data Data breaches Compliance Cybersecurity

How to implement the General Data Protection Regulation (GDPR)

IBM Big Data Hub

FEBRUARY 23, 2024

The General Data Protection Regulation (GDPR), the European Union’s landmark data privacy law, took effect in 2018. Yet many organizations still struggle to meet compliance requirements, and EU data protection authorities do not hesitate to hand out penalties. Irish regulators hit Meta with a EUR 1.2

GDPR

GDPR Compliance Personal data Privacy

Final Rules for the Data Privacy Act Published in the Philippines

Hunton Privacy

SEPTEMBER 13, 2016

Recently, the National Privacy Commission (the “Commission”) of the Philippines published the final text of its Implementing Rules and Regulations of Republic Act No. 10173, known as the Data Privacy Act of 2012 (the “IRR”). We previously reported on the preceding draft text of the IRR.

Data Privacy

Data Privacy Privacy Personal data Data breaches

List of Data Breaches and Cyber Attacks in June 2022 – 34.9 Million Records Breached

IT Governance

JUNE 30, 2022

Welcome to our June 2022 review of data breaches and cyber attacks. You can find the full list below, broken down into categories. We identified 80 security incidents during the month, resulting in 34,908,053 compromised records. Cyber attacks. Ransomware. hit by cyber criminals (unknown) Acorda Therapeutics, Inc.

Data breaches

Data breaches Ransomware Personal data Blockchain

Guest Post - Three Critical Steps for GDPR Compliance

AIIM

JANUARY 17, 2018

This is the eighth post in a series on privacy by Andrew Pery. You might also be interested in: Mitigate Data Privacy and Security Risks with Machine Learning. The Privacy and Security Dichotomy. GDPR and Cross Border Data Flows between the EU and the US: Current State of the Law. Step 3: Breach Response.

GDPR

GDPR Compliance Data collection Privacy

FRANCE: NEW GUIDANCE FOR DATA RETENTION

DLA Piper Privacy Matters

SEPTEMBER 4, 2020

They provide more practical guidance and update the CNIL previous Recommendations dated 11 October 2005 on the conditions of archiving personal data [2]. However, the Guidelines do not include the retention period applicable to each category of data processed. An organization based on the personal data lifecycle.

Personal data

Personal data Archiving GDPR Government

GDPR Compliance Obligations: The relationship between Data Controllers and Third-Party Processors

AIIM

JULY 24, 2018

This is the 11th post in a series on privacy by Andrew Pery. Data Privacy and Open Data: Secondary Uses under GDPR. Mitigate Data Privacy and Security Risks with Machine Learning. The Privacy and Security Dichotomy. GDPR and Cross Border Data Flows between the EU and the US: Current State of the Law.

GDPR

GDPR Compliance Privacy Data Privacy

List of mandatory documents required by the GDPR

IT Governance

JULY 31, 2019

Personal Data Protection Policy (Article 24). A data protection policy is a statement that sets out how your organisation protects personal data. An essential part of compliance, it serves two purposes: to promotes transparency, and to provide individuals with more control over the way their data is used.

GDPR

GDPR Data breaches Personal data Compliance

Data Protection and Privacy Commissioners Issue Global Connected Car Guidance

Hunton Privacy

OCTOBER 5, 2017

Last week, at the 39th International Conference of Data Protection and Privacy Commissioners in Hong Kong, data protection authorities from around the world issued non-binding guidance on the processing of personal data collected by connected cars (the “Guidance”).

Privacy

Privacy Personal data Data collection Data Privacy

ICYMI –December in privacy and cybersecurity

Data Protection Report

JANUARY 4, 2024

December tends to be a busy time for everyone, so you may have missed a privacy update or two. For those making this quiz a competitive event, we have included a tie-breaker/bonus question.) a. Which one does NOT require a minimum number of residents’ personal data for the “controller” to be in-scope for the law?

Privacy

Privacy Cybersecurity Artificial Intelligence e-Discovery

FRANCE: THE CNIL PUBLISHES ITS DATA PRIVACY IMPACT ASSESSMENT (DPIA) GUIDELINES AND A LIST OF PROCESSING OPERATIONS SUBJECT TO A DPIA

DLA Piper Privacy Matters

NOVEMBER 19, 2018

The CNIL stresses that there is no need for a DPIA when : the processing does not present a high risk to the rights and freedoms of data subjects; or. the processing is already covered by a record of processing held by the data protection officer, where applicable. This concerns: Health data. connected cars, smart grid etc.);

Data Privacy

Data Privacy IT GDPR Privacy

EUROPE: Data protection regulators publish myth-busting guidance on machine learning

DLA Piper Privacy Matters

OCTOBER 10, 2022

For example, the ML system could be used to determine likely trends of categories of persons to default on loan agreements through the processing of financial default information. During the development and training of their algorithms, ML systems begin to adapt and recognise patterns within its data.

Personal data

Personal data GDPR Privacy Marketing

Data Privacy Day: Looking Back on the Privacy Events of 2020

Thales Cloud Protection & Licensing

JANUARY 27, 2021

Data Privacy Day: Looking Back on the Privacy Events of 2020. Each year, the world observes Data Privacy Day on January 28th. This international effort recognizes how organizations might be using, collecting or sharing an individual’s personal information. Thu, 01/28/2021 - 06:42.

Data Privacy

Data Privacy Privacy GDPR Encryption

Consultation paper published on Hong Kong’s data protection law

Data Protection Report

JANUARY 16, 2020

CB(2) 512/19-20(03 ) (the Paper ) seeking views on changes to Personal Data (Privacy) Ordinance (Cap.486) The Paper recognises that it is not practicable to set a uniform retention period applicable to all types of personal data held by various organisations for different purposes. 486) (the PDPO ).

Paper

Paper Personal data Data breaches Privacy

California Privacy Law Overhaul – Proposition 24 Passes

Data Matters

NOVEMBER 4, 2020

Third, it creates a new category of businesses: those that voluntarily agree to be subject to the CCPA. Entities must annually buy sell, or share personal information of 100,000 consumers, not 50,000 as under the CCPA, to qualify as a business under the second prong of the test. New Rights for Sensitive Personal Information.

Privacy

Privacy B2B Sales Data breaches

Everyone is using ChatGPT what does my organisation need to watch out for

Data Protection Report

APRIL 27, 2023

Second, OpenAI does not give any security assurances in its terms of use (although, there is an extensive security portal and a statement that commercially reasonable security measures will be applied in the privacy policy that would help found a claim for misrepresentation in the event of a security breach).

Risk

Risk Personal data Privacy Data Privacy

Consultation paper published on Hong Kong’s data protection law

Data Protection Report

JANUARY 16, 2020

CB(2) 512/19-20(03 ) (the Paper ) seeking views on changes to Personal Data (Privacy) Ordinance (Cap.486) The Paper recognises that it is not practicable to set a uniform retention period applicable to all types of personal data held by various organisations for different purposes. 486) (the PDPO ).

Paper

Paper Personal data Data breaches Privacy

5 Topics CCPA-Compliant Privacy Awareness Training Needs to Cover

KnowBe4

SEPTEMBER 16, 2019

It’s imperative to be prepared: the law will regulate the use and disclosure of personal information of nearly 40 million consumers, and is expected to affect more than 500,000 companies across the U.S. We’re proponents of a more comprehensive approach to privacy awareness , one that goes beyond simply complying to specific regulations.

Privacy

Privacy Personal data Compliance Data collection

State Activity on Privacy: Vermont Is First to Regulate Data Brokers

Data Matters

JUNE 11, 2018

Although the prospect of federal legislation on data privacy remains uncertain, states appear to be stepping up the range of their activity on privacy and security. The law also mandates free credit freezes in the event of a data breach from a credit reporting agency, a response to last year’s Equifax breach.

Privacy

Privacy Sales Data breaches Personal data

Top 8 Cyber Insurance Companies for 2022

eSecurity Planet

APRIL 22, 2022

As the number and severity of data breaches continues to rise, organizations are recognizing that those costs are not theoretical. If your company has not already experienced a significant cybersecurity event, it is probably only a matter of time before it does. American International Group (AIG) has an 8.3%

Insurance

Insurance Ransomware Cybersecurity Marketing

FRANCE: THE FIRST CNIL STANDARD REGULATION FOR BIOMETRIC SYSTEMS IN THE WORKPLACE

DLA Piper Privacy Matters

APRIL 11, 2019

The CNIL reminds that the rules resulting from the Regulation do not exclude the application of the general obligations under the GDPR, notably regarding compliance with the general principles for processing personal data, data subject rights and international transfers. What are the requirements set forth by the Regulation?

Personal data

Personal data GDPR Access Compliance

Focus on Google DeepMind under the GDPR’s Lens

HL Chronicle of Data Protection

SEPTEMBER 18, 2017

The Information Commissioner’s Officer (ICO) ruled, on 3 July 2017, that the Royal Free NHS Foundation Trust (the Trust) had failed to comply with the Data Protection Act 1998 (DPA) when it provided 1.6 The development phase had already taken place but that phase had used synthetic data or dummy data so did not raise any data privacy issues.

GDPR

GDPR Personal data Privacy Data Privacy

The Digital Markets Act Is Almost Here: 10 Things to Know About the EU’s New Rules for Big Tech

Data Matters

JUNE 1, 2022

1 To ensure the progressive nature of the obligations, a category of “emerging gatekeeper” is also provided for to enable the Commission to impose certain obligations on companies whose competitive position is “proven but not yet sustainable.” process and use personal data. Designation Process.

Marketing

Marketing Computer and Electronics Communications GDPR

ICO’s draft Age Appropriate Design Code could seriously impact processing of under 18’s personal data

Data Protection Report

MAY 16, 2019

In keeping with the ICO’s earlier guidance on processing personal data of children, the primary factor for consideration here is whether the proposed activity is in the “best interests” of the child. However, this blanket application is mitigated by the different standards to be applied to five defined “Age Categories.”.

Personal data

Personal data Privacy GDPR Access

CHINA: Privacy, Security and Content Regulation to Increase in 2020

DLA Piper Privacy Matters

JANUARY 13, 2020

The changes specifically introduce the following: Broader scope of prohibited content: in addition to the currently existing categories (e.g., defaming national integrity and unity), the new law prohibits publication of additional categories of content (e.g., New Personal Data Protection Law and Data Security Law.

Privacy

Privacy Security Personal data Compliance

How to accelerate your data monetization strategy with data products and AI

IBM Big Data Hub

NOVEMBER 14, 2023

The key play is to treat data as a strategic asset with a user-centric product approach where this new product can be consumed by a diverse set of applications. Organizations build trust in their data and AI by demonstrating transparency and ethics , recognizing data privacy , adhering to regulations, and keeping data safe and secure.

Artificial Intelligence

Artificial Intelligence Cloud Analytics Compliance

AUSTRALIA: One month to go – EU GDPR implications for Australian businesses

DLA Piper Privacy Matters

APRIL 26, 2018

While many Australian organisations have historically adopted a more transparent and conciliatory approach to privacy and security, without the need to look too far across national borders, this is a position that now faces challenge in light of increasing globalisation and intensified data flows across borders.

GDPR

GDPR Compliance Personal data Privacy

The debate on the Data Protection Bill in the House of Lords

Data Protector

OCTOBER 11, 2017

The new right to be forgotten will allow children to enjoy their childhood without having every personal event, achievement, failure, antic or prank that they posted online to be digitally recorded for ever more. Of course, as new rights like this are created, the Bill will ensure that they cannot be taken too far.

GDPR

GDPR Personal data Government IT

The Burden of Privacy In Discovery

Data Matters

SEPTEMBER 29, 2021

This emphasis on proportionality in discovery is particularly relevant at a time when the protection of privacy is of increasing concern in the United States and abroad. With the rise of Big Data, however, there has been a growing and well-founded concern that personal information might be used unethically or exposed improperly.

Privacy

Privacy e-Discovery Computer and Electronics e-Delivery

East Coast Meets West Coast: Enter the Virginia Consumer Data Protection Act

Data Matters

MARCH 4, 2021

For over two and a half years, California has enjoyed the spotlight of having the most comprehensive data privacy law in the United States. Ralph Northam signed into law the Virginia Consumer Data Protection Act (VCDPA). On March 2, 2021, Virginia forced California to share the honors, when Democratic Gov. Exemptions.

Personal data

Personal data GDPR Sales Privacy

Information Management Today

When are schools required to report personal data breaches?

China’s PIPL has finally arrived, and brings helpful clarification (rather than substantial change) to China’s data privacy framework

Trending Sources

Singapore’s Public Consultation on proposed changes to the Singapore Personal Data Protection Act

How to implement the General Data Protection Regulation (GDPR)

Final Rules for the Data Privacy Act Published in the Philippines

List of Data Breaches and Cyber Attacks in June 2022 – 34.9 Million Records Breached

Guest Post - Three Critical Steps for GDPR Compliance

FRANCE: NEW GUIDANCE FOR DATA RETENTION

GDPR Compliance Obligations: The relationship between Data Controllers and Third-Party Processors

List of mandatory documents required by the GDPR

Data Protection and Privacy Commissioners Issue Global Connected Car Guidance

ICYMI –December in privacy and cybersecurity

FRANCE: THE CNIL PUBLISHES ITS DATA PRIVACY IMPACT ASSESSMENT (DPIA) GUIDELINES AND A LIST OF PROCESSING OPERATIONS SUBJECT TO A DPIA

EUROPE: Data protection regulators publish myth-busting guidance on machine learning

Data Privacy Day: Looking Back on the Privacy Events of 2020

Consultation paper published on Hong Kong’s data protection law

California Privacy Law Overhaul – Proposition 24 Passes

Everyone is using ChatGPT what does my organisation need to watch out for

Consultation paper published on Hong Kong’s data protection law

5 Topics CCPA-Compliant Privacy Awareness Training Needs to Cover

State Activity on Privacy: Vermont Is First to Regulate Data Brokers

Top 8 Cyber Insurance Companies for 2022

FRANCE: THE FIRST CNIL STANDARD REGULATION FOR BIOMETRIC SYSTEMS IN THE WORKPLACE

Focus on Google DeepMind under the GDPR’s Lens

The Digital Markets Act Is Almost Here: 10 Things to Know About the EU’s New Rules for Big Tech

ICO’s draft Age Appropriate Design Code could seriously impact processing of under 18’s personal data

CHINA: Privacy, Security and Content Regulation to Increase in 2020

How to accelerate your data monetization strategy with data products and AI

AUSTRALIA: One month to go – EU GDPR implications for Australian businesses

The debate on the Data Protection Bill in the House of Lords

The Burden of Privacy In Discovery

East Coast Meets West Coast: Enter the Virginia Consumer Data Protection Act

Stay Connected