Data, GDPR and Government - Information Management Today

GDPR compliance checklist

IBM Big Data Hub

JANUARY 22, 2024

The General Data Protection Regulation (GDPR) is a European Union (EU) law that governs how organizations collect and use personal data. Any company operating in the EU or handling EU residents’ data must adhere to GDPR requirements. The checklist below covers the core GDPR regulations.

GDPR

GDPR Compliance Personal data Privacy

How to implement the General Data Protection Regulation (GDPR)

IBM Big Data Hub

FEBRUARY 23, 2024

The General Data Protection Regulation (GDPR), the European Union’s landmark data privacy law, took effect in 2018. Yet many organizations still struggle to meet compliance requirements, and EU data protection authorities do not hesitate to hand out penalties. Irish regulators hit Meta with a EUR 1.2

GDPR

GDPR Compliance Personal data Privacy

UK GDPR Reform: government publishes response to consultation – likely to form basis of forthcoming UK Data Reform Bill

Data Protection Report

JUNE 22, 2022

UK GDPR Reform: government publishes response to consultation – likely to form basis of forthcoming UK Data Reform Bill. The Department for Culture, Media and Sport (DCMS) has finally published the UK government’s long-awaited response to the consultation on the future of the UK data protection regime.

GDPR

GDPR Government Personal data Risk

How to Comply with GDPR, PIPL, and CCPA

eSecurity Planet

DECEMBER 22, 2021

The regulations from GDPR, PIPL, and CCPA are especially prevalent to MSPs and software vendors because they get access to data from so many organizations, but all businesses need to comply with them. PIPL Compliance CCPA Compliance GDPR Compliance How to Stay Up to Date with Changing Compliance Regulations. Compliance Overview.

GDPR

GDPR Compliance Data Privacy Privacy

Security Compliance & Data Privacy Regulations

eSecurity Planet

AUGUST 9, 2022

Regulatory compliance and data privacy issues have long been an IT security nightmare. And since the EU’s General Data Protection Regulation (GDPR) took effect May 25, 2018, IT compliance issues have been at the forefront of corporate concerns. GDPR-style data privacy laws came to the U.S.

Data Privacy

Data Privacy Compliance Privacy Security

Government publishes consultation on post-Brexit data reforms

DLA Piper Privacy Matters

SEPTEMBER 10, 2021

The government has today published its eagerly awaited Consultation Paper on Reforms to the UK Data Protection Regime – ‘Data: A New Direction’ (“ Consultation Paper ”), setting out the specific areas for regulatory reform of the UK’s data protection regime.

Government

Government Paper Personal data GDPR

What Is Data Minimisation? Definition & Examples

IT Governance

APRIL 18, 2023

Data minimisation is a key part of information security and the GDPR (General Data Protection Regulation) in particular. Its principles are at the heart of effective data protection practices, and are intended to prevent privacy breaches and minimise the damage when security incidents occur.

GDPR

GDPR Personal data Data breaches Marketing

Show-me: Spanish Data Protection laws shaken by the Supreme Court

DLA Piper Privacy Matters

SEPTEMBER 15, 2021

By the end of the 2018, the Spanish Parliament belatedly completed the framework provided by EU’s GDPR approving a new Data Protection Act. The regional government of Galicia had approved some measures to help local bars and restaurants. In principle, it should have been just another Covid-related case.

GDPR

GDPR Privacy Government Personal data

GDPR: What’s the difference between personal data and sensitive data?

IT Governance

JULY 29, 2019

Now that the EU GDPR (General Data Protection Regulation) has been in effect for over a year, you’ve likely become acquainted with the term ‘personal data’ But what exactly does personal data mean? What is personal data? Location data. What is sensitive personal data?

Personal data

Personal data GDPR Encryption Compliance

Google fined £44 million in landmark GDPR ruling

IT Governance

JANUARY 21, 2019

Google has been fined €50 million (about £44 million) by CNIL, France’s data protection regulator, for a breach of the EU GDPR (General Data Protection Regulation). . It’s by far the biggest fine related to the GDPR, which took effect in May 2018 and gave regulatory bodies much stronger disciplinary powers. .

GDPR

GDPR Access Government IT

European Commission Publishes Draft Data Governance Act

Hunton Privacy

DECEMBER 2, 2020

On November 25, 2020, the European Commission published its Proposal for a Regulation on European Data Governance (the “Data Governance Act”). The European Commission also released a Questions & Answers document and a Factsheet on European data governance.

Government

Government Personal data Compliance GDPR

GDPR Compliance Obligations: The relationship between Data Controllers and Third-Party Processors

AIIM

JULY 24, 2018

You might also be interested in: The Re-Permissioning Dilemma Under GDPR. Data Privacy and Open Data: Secondary Uses under GDPR. Three Critical Steps for GDPR Compliance. Mitigate Data Privacy and Security Risks with Machine Learning. What Do the GDPR and new Privacy Laws Mean for U.S.

GDPR

GDPR Compliance Privacy Data Privacy

7 steps to highly effective GDPR compliance

IT Governance

AUGUST 21, 2019

The GDPR (General Data Protection Regulation) hasn’t exactly crept up unnoticed over the past year or so, but it’s still caught many organisations by surprise. Meanwhile, although the specifics of Brexit are still unclear, one thing is certain: whatever happens, UK-based organisations will be subject to the GDPR’s requirements.

GDPR

GDPR Compliance Personal data Access

CIPL Submits Comments to UK DCMS Consultation on UK Data Reform

Hunton Privacy

DECEMBER 17, 2021

Last month, the Centre for Information Policy Leadership (“CIPL”) at Hunton Andrews Kurth submitted a response to the UK Department for Digital, Culture, Media & Sport (“DCMS”) on its Consultation on Reforms to the Data Protection Regime (the “Response”). supports DCMS’ proposal to incorporate a test based on the U.S.

GDPR

GDPR B2B Risk Government

The Impact of Data Protection Laws on Your Records Retention Schedule

ARMA International

APRIL 18, 2022

It is essential that your organization’s records retention schedule is compliant with the data protection requirements in the jurisdictions where your organization operates. Introduction to Data Protection Laws. Personal data protection requirements may be issued by federal, state (provincial), or local governments.

Personal data

Personal data GDPR Privacy Records Management

GDPR data breach notification: A quick guide

IT Governance

NOVEMBER 28, 2018

The data breach notification requirements of the EU GDPR (General Data Protection Regulation) are complicated, so it’s no surprise that many organisations aren’t sure what they’re supposed to be doing. What is a personal data breach? What is a personal data breach?

Data breaches

Data breaches GDPR Personal data Compliance

EU Regulatory Data Protection: Many pieces to the regulatory framework puzzle

DLA Piper Privacy Matters

JANUARY 26, 2022

Data is at the heart of the EU’s digital and green transformation, which are the two priorities of the European Commission. With the General Data Protection Regulation (GDPR), adopted in 2016, the EU has created a solid framework for the protection of personal data in line with the EU Charter of Fundamental Rights.

Personal data

Personal data GDPR Computer and Electronics Artificial Intelligence

How to write a GDPR-compliant data subject access request procedure – with template

IT Governance

NOVEMBER 8, 2018

This blog was originally published before the GDPR took effect in May 2018. This blog explains how to write a GDPR-compliant DSAR (data subject access request) procedure to ensure you meet your obligations as a data controller. What is a data subject access request? The categories of personal data involved.

GDPR

GDPR Access Personal data Compliance

List of mandatory documents required by the GDPR

IT Governance

JULY 31, 2019

The documentation of processing activities is a new legal requirement under the EU GDPR (General Data Protection Regulation). Documenting your processing activities can also support good data governance, and help you to demonstrate your compliance with other aspects of the GDPR.

GDPR

GDPR Data breaches Personal data Compliance

GDPR automated decision-making and profiling: what are the requirements?

IT Governance

NOVEMBER 9, 2018

In addition to data subjects’ rights to be informed, of access, to rectification, to erasure, to restrict processing, to data portability and to object, the EU’s GDPR (General Data Protection Regulation) sets out requirements relating to automated individual decision-making, including profiling.

GDPR

GDPR Personal data Financial Services Compliance

Doorstep Dispensaree becomes the first UK organisation to receive a GDPR fine

IT Governance

DECEMBER 24, 2019

Doorstep Dispensaree has been fined £275,000 for failing to comply with the GDPR (General Data Protection Regulation) , making it the first organisation in the UK to be penalised for breaching its requirements. Haven’t there already been GDPR fines in the UK? What went wrong?

GDPR

GDPR Personal data Government Access

Key steps to GDPR compliance – Part 3

IT Governance

DECEMBER 20, 2017

There are less than six months to go until the General Data Protection Regulation (GDPR) comes into effect, but some businesses are not even thinking about it yet, or are only just starting to. Data subject access requests, incident reporting and data breach reporting will all need written processes, too.

GDPR

GDPR Compliance Data breaches Information Security

EDPB publishes guidance on calculating GDPR fines

Data Protection Report

JUNE 9, 2022

Whereas the previous guidance set out general principles for when to impose fines under Article 83 GDPR, the new Guidelines provide a detailed five-step methodology for calculating a starting point for a fine and clarify how to determine the turnover of an undertaking in order to harmonise the approach across Member States.

GDPR

GDPR Compliance Personal data IT

Key Steps to GDPR Compliance – Part 2

IT Governance

DECEMBER 14, 2017

There are less than six months to go until the General Data Protection Regulation (GDPR) comes into effect but some businesses are not even thinking about it yet, or are only just starting to. 4) Build a data inventory. 5) Conduct a data flow audit. 5) Conduct a data flow audit.

GDPR

GDPR Compliance Personal data Risk

How to comply with Article 30 of the GDPR

IT Governance

JUNE 21, 2018

Article 30 of the EU General Data Protection Regulation (GDPR) sets out what exactly organisations need to document in order to comply with the Regulation. If a new process is made or your data protection officer (DPO) changes, make sure part of the process is to update your Article 30 records. Formats (e.g.

GDPR

GDPR Personal data Risk Cloud

What are the Data Subject Rights under the GDPR?

IT Governance

NOVEMBER 15, 2018

This blog was originally published before the GDPR took effect in May 2018. The EU GDPR (General Data Protection Regulation) gives individuals eight rights relating to their personal data. Failure to do so is a violation of the GDPR and could lead to disciplinary action. But first, what is a data subject?

GDPR

GDPR Personal data Access Communications

Overcome these six data consumption challenges for a more data-driven enterprise

IBM Big Data Hub

JUNE 8, 2022

Implementing the right data strategy spurs innovation and outstanding business outcomes by recognizing data as a critical asset that provides insights for better and more informed decision-making. By taking advantage of data, enterprises can shape business decisions, minimize risk for stakeholders, and gain competitive advantage.

Government

Government Privacy Analytics Metadata

How the CCPA and GDPR Are Different

KnowBe4

SEPTEMBER 10, 2019

The California Consumer Privacy Act (CCPA) was introduced just a month after the European Union instituted the General Data Protection Regulation (GDPR), earning the CCPA the nickname of “California’s GDPR.”. While the GDPR has been in effect since May of 2018, the CCPA is on track to become effective on January 1, 2020.

GDPR

GDPR Privacy Personal data Passwords

GDPR Training in Belfast – save 10%

IT Governance

DECEMBER 18, 2017

Many organisations are struggling to fill a skills gap created by the EU General Data Protection Regulation (GDPR) and need staff with knowledge of the Regulation. For a short time, we are offering a 10% discount on GDPR courses in Belfast, so book your place before Friday 5 January 2018. Data protection by design.

GDPR

GDPR Personal data Compliance Data breaches

France: The CNIL publishes a practical guide on Data Protection Officers

DLA Piper Privacy Matters

NOVEMBER 29, 2021

On 16 November 2021, the French data protection supervisory authority (the “CNIL”) published a practical guide (“Guide”) on Data Protection Officers (“DPOs”). The DPO is responsible for the monitoring of the organization’s compliance with the GDPR. Be the point of contact on GDPR issues.

GDPR

GDPR Compliance Personal data Communications

Is your organisation ready for the DSP Toolkit compliance deadline?

IT Governance

NOVEMBER 12, 2020

Each year, certain healthcare organisations must complete a self-assessment via the DSP (Data Security and Protection) Toolkit to demonstrate their data security and information governance compliance. The compliance requirements differ depending on which of four categories your organisation falls into.

Compliance

Compliance GDPR Information governance Personal data

Why risk assessments are essential for GDPR compliance

IT Governance

OCTOBER 15, 2019

Any organisation that’s required to comply with the GDPR (General Data Protection Regulation) must conduct regular risk assessments. However, the GDPR is clear that data is also vulnerable to accidental or unlawful destruction, loss or disclosure. The GDPR risk assessment methodology. Public monitoring.

GDPR

GDPR Risk Compliance Personal data

When are schools required to report personal data breaches?

IT Governance

NOVEMBER 17, 2020

Under the GDPR (General Data Protection Regulation) , all personal data breaches must be recorded by the organisation and there should be a clear and defined process for doing so. In this blog, we take a look at the scenarios in which data protection breaches in schools must be reported. Financial loss.

Personal data

Personal data Data breaches Data collection GDPR

European Commission Publishes Final Version of Updated Standard Contractual Clauses

Hunton Privacy

JUNE 4, 2021

On June 4, 2021, the European Commission published the final version of the implementing decision on standard contractual clauses for transfers of personal data to third countries under the EU General Data Protection Regulation (“GDPR”), as well as the final version of the new standard contractual clauses (the “SCCs”).

Personal data

Personal data GDPR Government Access

CNIL Publishes Initial Assessment on Blockchain and GDPR

Hunton Privacy

OCTOBER 2, 2018

Recently, the French Data Protection Authority (“CNIL”) published its initial assessment of the compatibility of blockchain technology with the EU General Data Protection Regulation (GDPR) and proposed concrete solutions for organizations wishing to use blockchain technology when implementing data processing activities.

Blockchain

Blockchain GDPR Personal data Compliance

A guide to data subject rights for data professionals

Collibra

JULY 15, 2020

In the world of data privacy, data subject rights are the hot topic for Chief Data Officers, Data Protection Officers, and all people who work with data right now. After months of anticipation, the newly enforced California Consumer Privacy Act (CCPA) is officially here and adding complexity to data subject rights.

Data Privacy

Data Privacy GDPR Privacy Personal data

What UK charities need to know about GDPR compliance

IT Governance

AUGUST 2, 2019

If you think that charities might be shown lenience under the GDPR (General Data Protection Regulation) , you’re wrong. The Regulation treats charities in much the same way as any organisation, because although they’re not using personal data to make a profit, they still run the risk of data breaches and privacy violations.

GDPR

GDPR Compliance Personal data Risk

HMRC forced to delete 5 million voice records after GDPR gaffe

IT Governance

MAY 9, 2019

HMRC (HM Revenue and Customs) has been told to delete more than five million people’s voice records after it was discovered that the way the information was collected breached the GDPR (General Data Protection Regulation). What was HMRC’s mistake? Explicit and free.

GDPR

GDPR Personal data Education Passwords

Unactioned data subject access requests could lead to legal action

IT Governance

FEBRUARY 19, 2019

Buckinghamshire-based housing developer Magnacrest has been fined for failing to respond to DSARs (data subject access requests) , giving organisations a fresh reminder of the importance of the public’s legal rights to review the information that’s processed about them. The categories of personal data involved.

Access

Access GDPR Personal data Compliance

FRANCE: NEW GUIDANCE FOR DATA RETENTION

DLA Piper Privacy Matters

SEPTEMBER 4, 2020

The French Supervisory Authority (the “ CNIL ”) has issued new updated guidelines on data retention during the month of July (the “ CNIL’s Guidelines ”) [1]. They provide more practical guidance and update the CNIL previous Recommendations dated 11 October 2005 on the conditions of archiving personal data [2]. Scope of application.

Personal data

Personal data Archiving GDPR Government

How long do you have to report a data breach?

IT Governance

DECEMBER 13, 2018

The first 72 hours after you become aware of a data breach are critical. This is the deadline given to you under the EU GDPR (General Data Protection Regulation) to report information security incidents to your supervisory authority. Most breaches fit into this category, but not all of them.

Data breaches

Data breaches GDPR Personal data Compliance

Everything you need to know about DPOs under the GDPR

IT Governance

FEBRUARY 8, 2019

We recently claimed that DPOs (data protection officers) are “ the key to data breach response ”, but you could argue that they are the key to GDPR (General Data Protection Regulation) compliance in general. As a result, they are involved in every part of an organisation’s data protection framework.

GDPR

GDPR Personal data Privacy Compliance

Practical steps to GDPR compliance in health and social care

IT Governance

MARCH 12, 2018

Despite the General Data Protection Regulation (GDPR) coming into effect in less than three months, many healthcare organisations are yet to start developing a compliance programme. This checklist details nine practical steps that healthcare organisations should undertake in preparation for the GDPR.

GDPR

GDPR Compliance Data breaches Government

GDPR compliance checklist

How to implement the General Data Protection Regulation (GDPR)

Trending Sources

UK GDPR Reform: government publishes response to consultation – likely to form basis of forthcoming UK Data Reform Bill

How to Comply with GDPR, PIPL, and CCPA

Security Compliance & Data Privacy Regulations

Government publishes consultation on post-Brexit data reforms

What Is Data Minimisation? Definition & Examples

Show-me: Spanish Data Protection laws shaken by the Supreme Court

GDPR: What’s the difference between personal data and sensitive data?

Google fined £44 million in landmark GDPR ruling

European Commission Publishes Draft Data Governance Act

GDPR Compliance Obligations: The relationship between Data Controllers and Third-Party Processors

7 steps to highly effective GDPR compliance

CIPL Submits Comments to UK DCMS Consultation on UK Data Reform

The Impact of Data Protection Laws on Your Records Retention Schedule

GDPR data breach notification: A quick guide

EU Regulatory Data Protection: Many pieces to the regulatory framework puzzle

How to write a GDPR-compliant data subject access request procedure – with template

List of mandatory documents required by the GDPR

GDPR automated decision-making and profiling: what are the requirements?

Doorstep Dispensaree becomes the first UK organisation to receive a GDPR fine

Key steps to GDPR compliance – Part 3

EDPB publishes guidance on calculating GDPR fines

Key Steps to GDPR Compliance – Part 2

How to comply with Article 30 of the GDPR

What are the Data Subject Rights under the GDPR?

Top 7 Data Governance Blog Posts of 2018

Overcome these six data consumption challenges for a more data-driven enterprise

How the CCPA and GDPR Are Different

GDPR Training in Belfast – save 10%

France: The CNIL publishes a practical guide on Data Protection Officers

Is your organisation ready for the DSP Toolkit compliance deadline?

Why risk assessments are essential for GDPR compliance

When are schools required to report personal data breaches?

European Commission Publishes Final Version of Updated Standard Contractual Clauses

CNIL Publishes Initial Assessment on Blockchain and GDPR

A guide to data subject rights for data professionals

What UK charities need to know about GDPR compliance

HMRC forced to delete 5 million voice records after GDPR gaffe

Unactioned data subject access requests could lead to legal action

FRANCE: NEW GUIDANCE FOR DATA RETENTION

How long do you have to report a data breach?

Everything you need to know about DPOs under the GDPR

Practical steps to GDPR compliance in health and social care

Stay Connected