2020, Data, GDPR and Government - Information Management Today

Integrating Data Governance and Enterprise Architecture

erwin

SEPTEMBER 3, 2020

Why should you integrate data governance (DG) and enterprise architecture (EA)? Data governance provides time-sensitive, current-state architecture information with a high level of quality. Data governance provides time-sensitive, current-state architecture information with a high level of quality.

Government

Government Compliance Risk Metadata

How to Comply with GDPR, PIPL, and CCPA

eSecurity Planet

DECEMBER 22, 2021

The regulations from GDPR, PIPL, and CCPA are especially prevalent to MSPs and software vendors because they get access to data from so many organizations, but all businesses need to comply with them. PIPL Compliance CCPA Compliance GDPR Compliance How to Stay Up to Date with Changing Compliance Regulations. Compliance Overview.

GDPR

GDPR Compliance Data Privacy Privacy

CIPL Submits Response to European Commission’s Standard Contractual Clauses for the Transfer of Personal Data to Third Countries Pursuant to the GDPR

Hunton Privacy

DECEMBER 16, 2020

The European Commission (the “Commission”) issued its draft on November 12, 2020, updating the SCCs to align with the GDPR and taking into account the requirements of the Court of Justice of the European Union Schrems II ruling of July 16, 2020. Download a copy of CIPL’s full response.

Personal data

Personal data GDPR Compliance Government

Data Governance and Metadata Management: You Can’t Have One Without the Other

erwin

FEBRUARY 13, 2020

When an organization’s data governance and metadata management programs work in harmony, then everything is easier. Data governance is a complex but critical practice. Data Governance Attitudes Are Shifting. Most of that time is spent on data analysis – but only after searching for and preparing data.

Metadata

Metadata Government Compliance Digital transformation

Top 10 Governance, Risk and Compliance (GRC) Vendors

eSecurity Planet

JANUARY 21, 2021

Governance, risk, and compliance (GRC) software helps businesses manage all of the necessary documentation and processes for ensuring maximum productivity and preparedness. Third-party governance. Archer was named a Leader in Gartner’s 2020 Magic Quadrant for IT risk management and IT vendor risk management tools.

Compliance

Compliance Risk Government Retail

Analysing Data Breaches Caused by Human Error

IT Governance

DECEMBER 21, 2023

To find out, we looked at the ICO’s (Information Commissioner’s Office) public data set , specifically looking into four data breach types caused by human error: Data emailed to incorrect recipient. Data posted or faxed to incorrect recipient. At the time of writing, the data set starts in Q2 2019 and goes up to Q2 2023.

Data breaches

Data breaches Personal data Government GDPR

2020 in review: July to December

IT Governance

DECEMBER 23, 2020

Welcome to the second part of our cyber security review of 2020, in which we look back at the biggest stories from July to December. With COVID-19 under control, the UK government announced that lockdown measures would be eased from 4 July, with pubs, cafés, cinemas and museums allowed to reopen. You can read the first part here >>.

Data breaches

Data breaches Ransomware Government GDPR

Over-Retention of Personal Data

Data Protection Report

SEPTEMBER 23, 2021

The declining cost of electronic data storage may have caused some company executives to conclude that retaining personal data forever is “cheap.” The matter involved one of France’s largest insurers, SGAM AG2R LA MONDIALE, which was subject to an inspection by the French data protection authority (the CNIL), in 2019.

Personal data

Personal data Insurance GDPR Record destruction

California Privacy Rights Act to Appear on November 2020 Ballot

HL Chronicle of Data Protection

JUNE 24, 2020

The California Privacy Rights Act (CPRA) has received enough valid signatures to appear on the November 2020 ballot. The CPRA would also extend the CCPA’s temporary exceptions for B2B and human resources data until January 1, 2023. art II section 10(a). How did the CPRA come to be? How likely are voters to approve the CPRA?

Privacy

Privacy B2B GDPR Government

Navigating the EU-US Data Protection Framework

Thales Cloud Protection & Licensing

JANUARY 10, 2024

Navigating the EU-US Data Protection Framework sparsh Thu, 01/11/2024 - 05:26 On 10 July 2023, the European Commission adopted a new adequacy decision regarding the Data Privacy Framework (“DPF”). This follows the invalidation of the EU-US Privacy Shield, by the Court of Justice of the European Union on 16 July 2020.

Data Privacy

Data Privacy Personal data Privacy Cloud

Hindsight is 2020. Looking back so we can move forward

Thales Cloud Protection & Licensing

FEBRUARY 11, 2020

2020 ends a decade, and the new year prompted me to think “Wow it’s been two decades since we started Vormetric.” Data security is still a problem. I remember when we were pioneering our first use case to prevent “root or administrator” from seeing data they weren’t cleared to see, yet be able to do their job. Governance.

Cloud

Cloud Government Financial Services Access

European data export bonanza: revised SCCs and EDPB Schrems II guidance published

Data Protection Report

NOVEMBER 13, 2020

A feedback period on the draft documents will run until 10 December. The new SCCs aim to modernise the clauses in line with the GDPR and to cover a multitude of different types of transfers to cater for “ the complexity of modern processing chains ”. a “warrant canary”); and. a “warrant canary”); and.

Personal data

Personal data GDPR Encryption Government

The Impact of Data Protection Laws on Your Records Retention Schedule

ARMA International

APRIL 18, 2022

It is essential that your organization’s records retention schedule is compliant with the data protection requirements in the jurisdictions where your organization operates. Introduction to Data Protection Laws. Personal data protection requirements may be issued by federal, state (provincial), or local governments.

Personal data

Personal data GDPR Privacy Records Management

Cross-Border Data Privacy and Security Concerns in the Dawn of Quantum Computing

Thales Cloud Protection & Licensing

DECEMBER 22, 2020

Cross-Border Data Privacy and Security Concerns in the Dawn of Quantum Computing. Tue, 12/22/2020 - 10:08. New EU restrictions could force companies to change data transfer practices and adopt more advanced data encryption methods. Data privacy is not a check-the-box compliance or security item.

Data Privacy

Data Privacy Privacy Security Encryption

EDPB publishes guidance on calculating GDPR fines

Data Protection Report

JUNE 9, 2022

Whereas the previous guidance set out general principles for when to impose fines under Article 83 GDPR, the new Guidelines provide a detailed five-step methodology for calculating a starting point for a fine and clarify how to determine the turnover of an undertaking in order to harmonise the approach across Member States.

GDPR

GDPR Compliance Personal data IT

Keeping Up with New Data Protection Regulations

erwin

APRIL 11, 2019

Keeping up with new data protection regulations can be difficult, and the latest – the General Data Protection Regulation (GDPR) – isn’t the only new data protection regulation organizations should be aware of. A number of high-profile data breaches and scandals have increased public awareness of the issue.

GDPR

GDPR e-Discovery Compliance Metadata

Automated Security and Compliance Attracts Venture Investors

eSecurity Planet

FEBRUARY 14, 2023

When Markowitz departed Portfolium after selling the company to Instructure, he teamed up with Daniel Marashalin and Troy Markowitz to launch Drata in the summer of 2020. The vision was to automate security and compliance across 14 frameworks, including SOC 2, ISO 27001, HIPAA and GDPR. Growth has definitely been robust.

Compliance

Compliance Security Cybersecurity Marketing

Québec’s new privacy bill: a comparison of Bill 64, PIPEDA and the GDPR

Privacy and Cybersecurity Law

JULY 9, 2020

On June 12, 2020, the Québec government proposed a significant overhaul of its current privacy laws through the introduction of the highly anticipated Bill 64, An Act to Modernize Legislative Provisions Respecting the Protection of Personal Information (“Bill”).

GDPR

GDPR Privacy Personal data Government

Ireland/EU: Irish DPC bans Meta’s EU-US data flows and issues record €1.2bn fine

DLA Piper Privacy Matters

MAY 23, 2023

For Meta, the decision has resulted in a record administrative fine of €1.2bn, an order to suspend further transfers of EEA personal data to the US within five months, and an order to cease all unlawful processing of EEA personal data transferred to the US in violation of GDPR, within six months.

Personal data

Personal data GDPR Risk Privacy

Indonesia Soon to Become the Fifth ASEAN Country to Adapt Data Privacy Laws

Security Affairs

OCTOBER 7, 2020

Earlier this year, Indonesia joined the ranks with the first four ASEAN countries including Malaysia, Singapore, Philippines and Thailand to have enacted laws relating to personal data protection. The PDP Draft Law is now sitting with the House of Representatives and other concerned government officials. General personal data v.

Data Privacy

Data Privacy Privacy Personal data Computer and Electronics

European Union Reached a Political Agreement on the Digital Markets Act

Hunton Privacy

MARCH 29, 2022

National governments at the European Council and the European Parliament compromised on the scope of the DMA and overall obligations for organizations with the following changes on the European Commission’s original DMA proposal. The DMA imposes a set of obligations on “gatekeeper” platforms.

Marketing

Marketing GDPR Compliance Paper

Cloud, Intelligent Content Services, and Digital Fragility: What’s on the RIM Horizon for 2020

ARMA International

DECEMBER 26, 2019

Government topped the list of vertical industries at 23%. Information Governance Programs Still a Work-In-Progress. In 2015, Forrester first posed the question “Have you restructured or re-organized your RIM and/or IT programs to support an information governance strategy?” Governance structures for RIM programs remain in flux.

Content services

Content services Cloud Records Management Privacy

European Commission Publishes Draft of New Standard Contractual Clauses

Hunton Privacy

NOVEMBER 13, 2020

On November 12, 2020, the European Commission published a draft implementing decision on standard contractual clauses for the transfer of personal data to third countries pursuant to the EU General Data Protection Regulation (“GDPR”), along with its draft set of new standard contractual clauses (the “SCCs”).

Personal data

Personal data GDPR Data collection Access

Flurry of activity in the Privacy Act review, including tougher penalties and new online privacy framework

Data Protection Report

NOVEMBER 25, 2021

After months of anticipation regarding the ongoing review of the Privacy Act 1988 (Cth), the Federal Government has galvanized the Australian privacy landscape with two significant developments. Firstly, the Government has released a discussion paper about the reform of the Privacy Act. 10% of domestic annual turnover.

Privacy

Privacy Paper Compliance Government

Universities across the UK and North America confirm cyber attack

IT Governance

JULY 28, 2020

Blackbaud hasn’t revealed the scale of the breach, but the BBC reports that, in some cases, the affected data was limited to former students who had been asked to financially support their alma mater. The stolen data included phone numbers, donation history, and events that individuals attended. Helping schools with the GDPR.

GDPR

GDPR Education Ransomware Data breaches

State of the Union: CCPA and Beyond in 2020

Data Protection Report

JANUARY 13, 2020

access, deletion, or opt-out) and a few companies seem to use the same tool, third party, and/or infrastructure for GDPR requests. On October 10, 2019, the California Attorney General (AG) issued for public comment the Proposed Text of Regulations to clarify components of the CCPA. email, phone, mail). Ballot Initiative.

Privacy

Privacy B2B Sales Compliance

Wednesday LTNY 2020 Sessions: eDiscovery Trends

eDiscovery Daily

FEBRUARY 4, 2020

There are several interesting sessions today related to eDiscovery, Information Governance, Cybersecurity and Data Privacy. 11:00am – 12:00pm: Mobile Data: Issues in Data Privacy and Data Protection. Have we lost the battles over data privacy and data protection with our data exposed for all to see?

e-Discovery

e-Discovery Data Privacy Blockchain Privacy

Thursday LTNY 2020 Sessions: eDiscovery Trends

eDiscovery Daily

FEBRUARY 5, 2020

There are several interesting sessions today related to eDiscovery, Information Governance, Cybersecurity and Data Privacy. The 2019-2020 Cases That Every Practitioner Should Know. 10:00am – 11:00am: ARMA’s Information Governance Implementation Model: The Way Forward For Information Governance. Cite Often!

Information governance

Information governance Privacy Cloud Government

China: Navigating China episode 17: China’s Draft Privacy and Security Laws – second drafts clarify compliance steps for businesses

DLA Piper Privacy Matters

MAY 4, 2021

Second drafts of the new overarching national personal data protection and data security laws have just been published, and give a clearer picture of the impending new national frameworks in China. regularly publishing reports on the organisation’s data protection compliance. Draft Personal Information Protection Law.

Compliance

Compliance Security Personal data Privacy

Brazilian Data Protection Law Update – Delayed Enforcement, Lack of Administrative Structure, and Market Unreadiness

Data Matters

JULY 22, 2020

13.709/2018 (the Brazilian Data Protection Law, or “ LGPD ”) in 2018 was followed by great enthusiasm from the general public in Brazil. Indeed, the comprehensive law has been viewed as a necessary measure for the country to join a select but growing group of nations in the systematic protection of individuals’ personal data.

Marketing

Marketing Compliance Personal data GDPR

EU Council Agrees on Proposed ePrivacy Regulation

Data Matters

MARCH 10, 2021

On February 10, 2021, the Council of the European Union (which includes representatives of the European Union (EU) member states, hereinafter Council) reached an agreement on the ePrivacy Regulation proposal that governs the protection of privacy and confidentiality of electronic communications services (ePrivacy Regulation).

GDPR

GDPR Metadata Communications Privacy

Don’t let bad data drag you down: A retailer’s guide

Collibra

APRIL 11, 2023

Every process at every stage of these stores relies on data. And the role of data is getting bigger in supply chain management, omnichannel customer experiences, and target marketing strategies. The right kind of data can drive great innovations in retail. SKU data helps understand sales trends and customer preferences.

Retail

Retail Sales Compliance Marketing

CNIL Fines Google and Amazon 135 Million Euros for Alleged Cookie Violations

Hunton Privacy

DECEMBER 14, 2020

The French cookie rules are laid down in (1) Article 82 of the French Data Protection Act, which implements into French law the provisions of the EU ePrivacy Directive governing the use of cookies; and (2) soft law instruments aimed at guiding operators in implementing Article 82 of the French Data Protection Act in practice.

GDPR

GDPR Personal data Access IT

State of the Union: CCPA and Beyond in 2020

Data Protection Report

JANUARY 13, 2020

access, deletion, or opt-out) and a few companies seem to use the same tool, third party, and/or infrastructure for GDPR requests. On October 10, 2019, the California Attorney General (AG) issued for public comment the Proposed Text of Regulations to clarify components of the CCPA. email, phone, mail). Ballot Initiative.

Privacy

Privacy B2B Sales Compliance

NEW TECH: CASBs continue evolving to help CISOs address multiplying ‘cloud-mobile’ risks

The Last Watchdog

APRIL 29, 2020

We met at RSA 2020 and had a lively discussion about how today’s cloud-mobile environment enables network users to bypass traditional security controls creating gaping exposures, at this point, going largely unaddressed. So if you’re a Microsoft shop, you’re on an Office 365 and a Windows 10 migration path.

Cloud

Cloud Risk Privacy GDPR

Europe: European Commission publishes draft updated Standard Contractual Clauses

DLA Piper Privacy Matters

NOVEMBER 13, 2020

On 12 November, the European Commission published its long awaited updated draft Implementing Decision on standard contractual clauses (“ SCCs ”) for the transfer of personal data to third countries. update to include the necessary Article 28 processor terms set out in the GDPR.

GDPR

GDPR Personal data Government Privacy

Consultation paper published on Hong Kong’s data protection law

Data Protection Report

JANUARY 16, 2020

CB(2) 512/19-20(03 ) (the Paper ) seeking views on changes to Personal Data (Privacy) Ordinance (Cap.486) Certainty around data retention periods. It is proposed that data users will be required to have clear retention policies. 486) (the PDPO ). details on the method of notification, as well as the content.

Paper

Paper Personal data Data breaches Privacy

Welcome to Legaltech New York 2020!: eDiscovery Trends

eDiscovery Daily

FEBRUARY 3, 2020

There are several interesting sessions today related to eDiscovery, Information Governance, Cybersecurity and Data Privacy. In just 10 years the case law around eDiscovery AI & Analytics has exploded. Survey the key case law governing the application of machine learning to eDiscovery. Business of law implications.

Education

Education Data Privacy GDPR Compliance

California Privacy Law Overhaul – Proposition 24 Passes

Data Matters

NOVEMBER 4, 2020

The law, most of which does not go into effect until January 1, 2023, will substantially overhaul and amend the California Consumer Privacy Act (CCPA) which went into effect just this year, on January 1, 2020, with final regulations issued just a few months ago, on August 14, 2020.

Privacy

Privacy B2B Sales Data breaches

Data Protection and the Draft EU-UK Withdrawal Agreement: Ten Initial Conclusions

HL Chronicle of Data Protection

NOVEMBER 15, 2018

The draft text of the EU-UK withdrawal agreement was published by the UK Government and the European Union yesterday, providing some of the first concrete indicators of the possible direction of travel in the area of data protection. What constitutes personal data that is subject to the withdrawal agreement is currently unclear.

GDPR

GDPR Personal data Government Financial Services

Consultation paper published on Hong Kong’s data protection law

Data Protection Report

JANUARY 16, 2020

CB(2) 512/19-20(03 ) (the Paper ) seeking views on changes to Personal Data (Privacy) Ordinance (Cap.486) Certainty around data retention periods. It is proposed that data users will be required to have clear retention policies. 486) (the PDPO ). details on the method of notification, as well as the content.

Paper

Paper Personal data Data breaches Privacy

The What & Why of Data Governance

erwin

MARCH 4, 2021

Modern data governance is a strategic, ongoing and collaborative practice that enables organizations to discover and track their data, understand what it means within a business context, and maximize its security, quality and value. The What: Data Governance Defined. Data governance has no standard definition.

Government

Government Digital transformation GDPR Compliance

What is the NIS2 Directive and How Does It Affect You?

Thales Cloud Protection & Licensing

NOVEMBER 28, 2022

For example, although the Thales Data Threat Report 2022 recorded a 44% global increase in the volume and severity of attacks against critical infrastructures, Deloitte demonstrates a staggering 220% growth across the EU Member States between 2020 and 2021. Management liability. Temporary bans against managers. What does that mean?

IT

IT Encryption Compliance Cybersecurity

Data Innovator Spotlight - Interview with Charles Joseph, DataZed

Reltio

JUNE 12, 2020

Title: Founder & Data Governance Consultant. 1 sentence company description: DataZed is a consultancy that works with organizations to improve their data quality, data governance and data strategy. Years in Position: Over 10 years. In 1 or 2 short sentences, what makes a great data innovator?

Insurance

Insurance Customer Experience B2B MDM

Integrating Data Governance and Enterprise Architecture

How to Comply with GDPR, PIPL, and CCPA

Trending Sources

CIPL Submits Response to European Commission’s Standard Contractual Clauses for the Transfer of Personal Data to Third Countries Pursuant to the GDPR

Data Governance and Metadata Management: You Can’t Have One Without the Other

Top 10 Governance, Risk and Compliance (GRC) Vendors

Analysing Data Breaches Caused by Human Error

2020 in review: July to December

Over-Retention of Personal Data

California Privacy Rights Act to Appear on November 2020 Ballot

Navigating the EU-US Data Protection Framework

Hindsight is 2020. Looking back so we can move forward

European data export bonanza: revised SCCs and EDPB Schrems II guidance published

The Impact of Data Protection Laws on Your Records Retention Schedule

Cross-Border Data Privacy and Security Concerns in the Dawn of Quantum Computing

EDPB publishes guidance on calculating GDPR fines

Keeping Up with New Data Protection Regulations

Automated Security and Compliance Attracts Venture Investors

Québec’s new privacy bill: a comparison of Bill 64, PIPEDA and the GDPR

Ireland/EU: Irish DPC bans Meta’s EU-US data flows and issues record €1.2bn fine

Indonesia Soon to Become the Fifth ASEAN Country to Adapt Data Privacy Laws

European Union Reached a Political Agreement on the Digital Markets Act

Cloud, Intelligent Content Services, and Digital Fragility: What’s on the RIM Horizon for 2020

European Commission Publishes Draft of New Standard Contractual Clauses

Flurry of activity in the Privacy Act review, including tougher penalties and new online privacy framework

Universities across the UK and North America confirm cyber attack

State of the Union: CCPA and Beyond in 2020

Wednesday LTNY 2020 Sessions: eDiscovery Trends

Thursday LTNY 2020 Sessions: eDiscovery Trends

China: Navigating China episode 17: China’s Draft Privacy and Security Laws – second drafts clarify compliance steps for businesses

Brazilian Data Protection Law Update – Delayed Enforcement, Lack of Administrative Structure, and Market Unreadiness

EU Council Agrees on Proposed ePrivacy Regulation

Don’t let bad data drag you down: A retailer’s guide

CNIL Fines Google and Amazon 135 Million Euros for Alleged Cookie Violations

State of the Union: CCPA and Beyond in 2020

NEW TECH: CASBs continue evolving to help CISOs address multiplying ‘cloud-mobile’ risks

Europe: European Commission publishes draft updated Standard Contractual Clauses

Consultation paper published on Hong Kong’s data protection law

Welcome to Legaltech New York 2020!: eDiscovery Trends

California Privacy Law Overhaul – Proposition 24 Passes

Data Protection and the Draft EU-UK Withdrawal Agreement: Ten Initial Conclusions

Consultation paper published on Hong Kong’s data protection law

The What & Why of Data Governance

What is the NIS2 Directive and How Does It Affect You?

Data Innovator Spotlight - Interview with Charles Joseph, DataZed

Stay Connected