Data, GDPR and Government - Information Management Today

How to implement the General Data Protection Regulation (GDPR)

IBM Big Data Hub

FEBRUARY 23, 2024

The General Data Protection Regulation (GDPR), the European Union’s landmark data privacy law, took effect in 2018. Yet many organizations still struggle to meet compliance requirements, and EU data protection authorities do not hesitate to hand out penalties. Irish regulators hit Meta with a EUR 1.2

GDPR

GDPR Compliance Personal data Privacy

Security Compliance & Data Privacy Regulations

eSecurity Planet

AUGUST 9, 2022

Regulatory compliance and data privacy issues have long been an IT security nightmare. And since the EU’s General Data Protection Regulation (GDPR) took effect May 25, 2018, IT compliance issues have been at the forefront of corporate concerns. GDPR-style data privacy laws came to the U.S.

Data Privacy

Data Privacy Compliance Privacy Security

GDPR for small business: the ultimate guide

IT Governance

JULY 2, 2020

What is the GDPR? The Regulation came into effect on 25 May 2018, and was designed to strengthen the rights of EU residents regarding the way organisations process and use their personal data. First, the UK has implemented the UK DPA (Data Protection Act) 2018 , which adopts the GDPR into national law. A quick overview.

GDPR

GDPR Personal data Data breaches Compliance

Flurry of activity in the Privacy Act review, including tougher penalties and new online privacy framework

Data Protection Report

NOVEMBER 25, 2021

After months of anticipation regarding the ongoing review of the Privacy Act 1988 (Cth), the Federal Government has galvanized the Australian privacy landscape with two significant developments. Firstly, the Government has released a discussion paper about the reform of the Privacy Act. Online Privacy Bill.

Privacy

Privacy Paper Compliance Government

Key steps to GDPR compliance – Part 3

IT Governance

DECEMBER 20, 2017

There are less than six months to go until the General Data Protection Regulation (GDPR) comes into effect, but some businesses are not even thinking about it yet, or are only just starting to. Data subject access requests, incident reporting and data breach reporting will all need written processes, too.

GDPR

GDPR Compliance Data breaches Information Security

France: The CNIL publishes a practical guide on Data Protection Officers

DLA Piper Privacy Matters

NOVEMBER 29, 2021

On 16 November 2021, the French data protection supervisory authority (the “CNIL”) published a practical guide (“Guide”) on Data Protection Officers (“DPOs”). The DPO is responsible for the monitoring of the organization’s compliance with the GDPR. Be the point of contact on GDPR issues.

GDPR

GDPR Compliance Personal data Communications

Key Steps to GDPR Compliance – Part 2

IT Governance

DECEMBER 14, 2017

There are less than six months to go until the General Data Protection Regulation (GDPR) comes into effect but some businesses are not even thinking about it yet, or are only just starting to. 4) Build a data inventory. There are special categories of data that entail stricter processing rules, such as getting explicit consent.

GDPR

GDPR Compliance Personal data Risk

GDPR Training in Belfast – save 10%

IT Governance

DECEMBER 18, 2017

Many organisations are struggling to fill a skills gap created by the EU General Data Protection Regulation (GDPR) and need staff with knowledge of the Regulation. The courses are also available Live Online or as distance learning for those who can’t get to a classroom. EU GDPR Foundation Training Course. Was: £495.00.

GDPR

GDPR Personal data Compliance Data breaches

Australia Privacy Act review – a blueprint for change?

DLA Piper Privacy Matters

FEBRUARY 20, 2023

Authors: Sarah Birkett , Nicholas Boyle The Australian Attorney-General has published the (long-awaited) results of the Privacy Act review. The report recommends a number of changes to the Australian privacy framework, including various changes to Australia’s core privacy legislation, the Privacy Act 1988 (Cth).

Privacy

Privacy Data breaches Marketing Government

Why risk assessments are essential for GDPR compliance

IT Governance

OCTOBER 15, 2019

Any organisation that’s required to comply with the GDPR (General Data Protection Regulation) must conduct regular risk assessments. However, the GDPR is clear that data is also vulnerable to accidental or unlawful destruction, loss or disclosure. The GDPR risk assessment methodology. Get started with vsRisk.

GDPR

GDPR Risk Compliance Personal data

Do I Need a Data Catalog?

erwin

JUNE 26, 2020

If you’re serious about a data-driven strategy , you’re going to need a data catalog. Organizations need a data catalog because it enables them to create a seamless way for employees to access and consume data and business assets in an organized manner. This also diminishes the value of data as an asset.

Metadata

Metadata Unstructured data Compliance Sales

What UK charities need to know about GDPR compliance

IT Governance

AUGUST 2, 2019

If you think that charities might be shown lenience under the GDPR (General Data Protection Regulation) , you’re wrong. The Regulation treats charities in much the same way as any organisation, because although they’re not using personal data to make a profit, they still run the risk of data breaches and privacy violations.

GDPR

GDPR Compliance Personal data Risk

California Enacts Broad Privacy Laws Modeled on GDPR

Data Matters

JUNE 29, 2018

Jerry Brown signed into law the California Consumer Privacy Act of 2018 (AB 375). It is intended to give consumers more transparency regarding and control over their data and establishes highly detailed requirements for what companies that collect personal data about California residents must disclose. .

GDPR

GDPR Privacy Sales Data breaches

GDPR – The Year in Review

HL Chronicle of Data Protection

MAY 29, 2019

Following the one-year anniversary of the coming into effect of the GDPR, Hogan Lovells’ Privacy and Cybersecurity practice has prepared summaries of key GDPR-related developments of the past 12 months. The summaries cover regulatory guidance, enforcement actions, court proceedings, and various reports and materials.

GDPR

GDPR Personal data Privacy Information architecture

New course dates for GDPR training in Edinburgh and Glasgow

IT Governance

MAY 3, 2018

Although the EU General Data Protection Regulation (GDPR) deadline is only three weeks away, many organisations are still struggling to fill the cyber security skills gap and ensure that they are compliant. One way this awareness can be achieved is through staff training, and IT Governance can support you every step of the way.

GDPR

GDPR Personal data Compliance Data breaches

CNIL Publishes Six Step Methodology and Tools to Prepare for GDPR

Hunton Privacy

MARCH 17, 2017

On March 15, 2017, the French data protection authority (the “CNIL”) published a six step methodology and tools for businesses to prepare for the EU General Data Protection Regulation (“GDPR”) that will become applicable on May 25, 2018. Step 1: Appointing a Data Protection Officer (“DPO”) or “Pilot”.

GDPR

GDPR Personal data Compliance Privacy

Building cyber security careers

IT Governance

OCTOBER 21, 2021

This includes individuals in charge of cyber security who “lack the confidence to carry out the kinds of basic tasks laid out in the government-endorsed Cyber Essentials scheme”. The most common skills gaps are “storing or transferring personal data, setting up configured firewalls, and detecting and removing malware”.

Security

Security Information Security GDPR Data Privacy

Insights about the first five years of Right to be Forgotten requests at Google

Elie

DECEMBER 12, 2019

is a landmark European ruling that governs the delisting of personal information from search results. Each delisting decision requires careful consideration of the balance between respecting user privacy and ensuring open access to information via Google Search. This new data enabled us to conduct a longitudinal analysis of how.

Privacy

Privacy Paper Government GDPR

Belgian Privacy Commission Issues Priorities and Thematic Dossier to Prepare for GDPR

Hunton Privacy

SEPTEMBER 21, 2016

On September 16, 2016, the Belgian Data Protection Authority (the “Privacy Commission”) published a 13-step guidance document (in French and Dutch ) to help organizations prepare for the EU General Data Protection Regulation (“GDPR”). The 13 steps recommended by the Privacy Commission are summarized below.

GDPR

GDPR Privacy Personal data Data breaches

China’s PIPL has finally arrived, and brings helpful clarification (rather than substantial change) to China’s data privacy framework

DLA Piper Privacy Matters

AUGUST 23, 2021

Rather than bringing substantial changes to the existing China data privacy framework, the PIPL helpfully consolidates and clarifies obligations on processing of personal information at a national law level. To be clear, this is not China’s own GDPR.

Data Privacy

Data Privacy Privacy Compliance Analytics

California Enacts Broad Privacy Protections Modeled on GDPR

Data Matters

JUNE 29, 2018

Jerry Brown signed into law the California Consumer Privacy Act of 2018 (AB 375). It is intended to give consumers more transparency regarding and control over their data and establishes highly detailed requirements for what companies that collect personal data about California residents must disclose. .

GDPR

GDPR Privacy Sales Data breaches

Why every organisation needs data protection impact assessments

IT Governance

NOVEMBER 23, 2018

DPIAs (data protection impact assessments) are a type of risk assessment that identify the risks affecting the security of personal data, and work out their likely effects. It’s particularly important to carry one out when introducing new processes, systems or technologies for processing personal data. Who should conduct a DPIA?

GDPR

GDPR Personal data Risk Marketing

California Consumer Privacy Act: The Challenge Ahead – A Comparison of 10 Key Aspects of The GDPR and The CCPA

HL Chronicle of Data Protection

OCTOBER 3, 2018

This is the fifth installment in Hogan Lovells’ series on the California Consumer Privacy Act. . As the most comprehensive privacy law to be enacted in the United States thus far, the California Consumer Privacy Act (CCPA) has inevitably invited comparisons to the European Union’s General Data Protection Regulation (GDPR).

GDPR

GDPR Privacy Personal data Sales

Security Outlook 2023: Cyber Warfare Expands Threats

eSecurity Planet

JANUARY 5, 2023

“In 2022, governments fought wars online, businesses were affected by multiple ransomware gangs, and regular users’ data was constantly on hackers’ radars,” said NordVPN CTO Marijus Briedis. 2023, he predicted, “will not be any easier when it comes to keeping users’ data safe and private.”

Security

Security Ransomware Cybersecurity Privacy

Examples of data processing activities that require a DPIA

IT Governance

JUNE 19, 2019

The GDPR (General Data Protection Regulation) requires organisations to conduct a DPIA (data protection impact assessment) whenever processing is ‘likely to result in a high risk’ to the rights and freedoms of individuals. Damage : the effects on the individual if a data breach or privacy violation occurs.

GDPR

GDPR Personal data Risk Data breaches

Automated Security and Compliance Attracts Venture Investors

eSecurity Planet

FEBRUARY 14, 2023

The vision was to automate security and compliance across 14 frameworks, including SOC 2, ISO 27001, HIPAA and GDPR. First of all, cybersecurity is becoming a “must have” for businesses and governments. In the case of Lemonade – an online insurance company – it spent over 200 hours on the process. Here are a few other winners.

Compliance

Compliance Security Cybersecurity Marketing

UK’s Draft GDPR Implementation Law: The Starting Point

HL Chronicle of Data Protection

SEPTEMBER 27, 2017

government introduced in Parliament the Data Protection Bill. The main aim of the bill is to implement the General Data Protection Regulation (EU) 2016/679 into U.K. Ensuring that the GDPR, as implemented by the bill, will continue to apply to the U.K. First and foremost, the bill applies the GDPR to U.K.

GDPR

GDPR Personal data Government Privacy

MY TAKE: Even Google CEO Sundar Pichai agrees that it is imperative to embed ethics into AI

The Last Watchdog

JULY 27, 2020

Here’s what everyone should know about what’s at stake when it comes to infusing some level of ethics into AI. ‘Ethical AI’ Companies and big government agencies know ethical use of AI is important. At the moment, there’s little to constrain corporations or government agencies from using AI however they want. Shashanka explains. “No

IT

IT Government Artificial Intelligence Personal data

Europe: New guidelines on the application and setting of fines under GDPR

DLA Piper Privacy Matters

NOVEMBER 7, 2017

Less than 6 months remain for individuals and companies to get ready for the breakthrough regulation in personal data protection envisaged by the Regulation 2016/679 of 27 April 2016 [1] (furthermore as “ GDPR “).

GDPR

GDPR Personal data Privacy Government

California Consumer Privacy Act: The Challenge Ahead – A Comparison of 10 Key Aspects of The GDPR and The CCPA

HL Chronicle of Data Protection

OCTOBER 3, 2018

This is the fifth installment in Hogan Lovells’ series on the California Consumer Privacy Act. . As the most comprehensive privacy law to be enacted in the United States thus far, the California Consumer Privacy Act (CCPA) has inevitably invited comparisons to the European Union’s General Data Protection Regulation (GDPR).

GDPR

GDPR Privacy Personal data Sales

California Consumer Privacy Act: The Challenge Ahead – A Comparison of 10 Key Aspects of The GDPR and The CCPA

HL Chronicle of Data Protection

OCTOBER 3, 2018

This is the fifth installment in Hogan Lovells’ series on the California Consumer Privacy Act. . As the most comprehensive privacy law to be enacted in the United States thus far, the California Consumer Privacy Act (CCPA) has inevitably invited comparisons to the European Union’s General Data Protection Regulation (GDPR).

GDPR

GDPR Privacy Personal data Sales

EUROPE: Domain names and WHOIS information in a post-GDPR world (gTLDs update)

DLA Piper Privacy Matters

JUNE 29, 2018

With the General Data Protection Regulation (GDPR) having taken effect across the EU on 25 May 2018, this has meant a big change to the availability of WHOIS data (ie data recording – among other things – the persons who own domain names). This means that you can still obtain “thin” WHOIS data (i.e.

GDPR

GDPR Personal data Access Compliance

CIPL and its GDPR Project Stakeholders Discuss DPOs and Risk under GDPR

Hunton Privacy

OCTOBER 5, 2016

In September, the Centre for Information Policy Leadership (“CIPL”) held its second GDPR Workshop in Paris as part of its two-year GDPR Implementation Project. There was a sense of shared responsibility for the successful and timely implementation of the GDPR between industry, DPAs, national governments and the EU Commission.

GDPR

GDPR Risk IT Compliance

DPIAs for retail and hospitality

IT Governance

MARCH 26, 2019

Although DPIAs (data protection impact assessments) are not a new concept, the GDPR (General Data Protection Regulation) now mandates them under certain circumstances. The primary aim is to reduce the possible harm to the data subject. A DPIA assesses risk. All decisions should be recorded and signed off.

Retail

Retail Risk GDPR Government

FRANCE: A new phase in European privacy law enforcement – CNIL fined Google LLC 50 million euros!

DLA Piper Privacy Matters

JANUARY 24, 2019

On 21 January 2019, the restricted committee of the French Data Protection Supervisory Authority (CNIL) fined Google LLC 50 million euros for breaching GDPR for lack of transparency, inadequate information and lack of valid consent regarding personalized advertising. . Was the CNIL the competent SA?

Privacy

Privacy GDPR Personal data Compliance

ICO update report into adtech and real time bidding

DLA Piper Privacy Matters

JULY 3, 2019

On 20 June the ICO issued its interim report into a its review of the adtech industry and real time bidding process (“RTB”) that forms an integral part of the online advertising ecosystem. Advertisers bid in real time to place adverts to users through a bid request process where advertisers can find a suitable user audience.

GDPR

GDPR Data collection Personal data Marketing

Ensure you’re #BreachReady in the media sector

IT Governance

JULY 26, 2018

But despite increased excitement and relaxed engagement online, it’s important to remember that your media-rich content requires its own SPF (security protection factor) to defend against a costly data-breach burn… especially during the holiday months when your workforce is reduced and your resources are limited. What is Timehop?

Data breaches

Data breaches GDPR Personal data Government

California passes major legislation, expanding consumer privacy rights and legal exposure for US and global companies

Data Protection Report

JUNE 29, 2018

On June 28, 2018, California lawmakers enacted the California Consumer Privacy Act of 2018 (the “CCPA”) a sweeping, GDPR-like privacy law which is intended to give California consumers more control over how businesses collect and use their data. Consumer access and data portability rights. Disclosure requirements.

Privacy

Privacy GDPR Personal data Risk

California Passes Major Legislation, Expanding Consumer Privacy Rights and Legal Exposure for US and Global Companies

Data Protection Report

JUNE 29, 2018

On June 28, 2018, California lawmakers enacted the California Consumer Privacy Act of 2018 (the “CCPA”) a sweeping, GDPR-like privacy law which is intended to give California consumers more control over how businesses collect and use their data. Consumer Access and Data Portability Rights. Disclosure Requirements.

Privacy

Privacy GDPR Personal data Risk

“What’s Cooking” in Sacramento: CCPA’s “Employee Exception” Bill is Amended; “Publicly Available Information” Exception is Broadened, and Consumer Access Rights are Clarified

Data Protection Report

JULY 3, 2019

This is the Data Protection Report’s eleventh blog post in a series of CCPA blog posts. Also, driver’s license data that is purchased from local government records databases would not be exempted from CCPA protections if it is used for a purpose that is not compatible with the purpose for which the data is maintained (e.g.

Access

Access Privacy Data Privacy Government

The Good, Bad, And The Ugly: Key Takeaways From California’s New Privacy Law

Privacy and Cybersecurity Law

NOVEMBER 8, 2018

Consumer privacy rights in California are well established. The California Constitution expressly grants California citizens a right to privacy. The International Association of Privacy Professionals estimates at least 500,000 U.S. The CCPA governs how businesses treat “consumer” “personal information.” CCPA Background.

Privacy

Privacy Sales Compliance Cybersecurity

The Good, Bad, And The Ugly: Key Takeaways From California’s New Privacy Law

Privacy and Cybersecurity Law

NOVEMBER 9, 2018

Consumer privacy rights in California are well established. The California Constitution expressly grants California citizens a right to privacy. The International Association of Privacy Professionals estimates at least 500,000 U.S. The CCPA governs how businesses treat “consumer” “personal information.” CCPA Background.

Privacy

Privacy Sales Education Compliance

One-Month Countdown to Pass CCPA Amendments Begins

Data Protection Report

AUGUST 12, 2019

Starting with the Senate Appropriations Committee Hearing today, the legislature will now have approximately a month to continue the markups and send California Consumer Privacy Act (CCPA) amendments to the Governor’s desk for signature before the September 13 deadline.

Manufacturing

Manufacturing Sales Privacy Data Privacy

Nevada, New York and other states follow California’s CCPA

Data Protection Report

JUNE 6, 2019

The US privacy law landscape continues to shift and evolve as state and federal privacy legislative proposals continue to be debated and become enacted. While CCPA-like bills in Washington and Texas failed to pass, Nevada passed its online privacy amendment and proposals in New York and Washington, DC appear to be gaining momentum.

Sales

Sales Privacy Insurance Manufacturing

How to implement the General Data Protection Regulation (GDPR)

Security Compliance & Data Privacy Regulations

Trending Sources

GDPR for small business: the ultimate guide

Flurry of activity in the Privacy Act review, including tougher penalties and new online privacy framework

Key steps to GDPR compliance – Part 3

France: The CNIL publishes a practical guide on Data Protection Officers

Key Steps to GDPR Compliance – Part 2

GDPR Training in Belfast – save 10%

Australia Privacy Act review – a blueprint for change?

Why risk assessments are essential for GDPR compliance

Do I Need a Data Catalog?

What UK charities need to know about GDPR compliance

California Enacts Broad Privacy Laws Modeled on GDPR

GDPR – The Year in Review

New course dates for GDPR training in Edinburgh and Glasgow

CNIL Publishes Six Step Methodology and Tools to Prepare for GDPR

Building cyber security careers

Insights about the first five years of Right to be Forgotten requests at Google

Belgian Privacy Commission Issues Priorities and Thematic Dossier to Prepare for GDPR

China’s PIPL has finally arrived, and brings helpful clarification (rather than substantial change) to China’s data privacy framework

California Enacts Broad Privacy Protections Modeled on GDPR

Why every organisation needs data protection impact assessments

California Consumer Privacy Act: The Challenge Ahead – A Comparison of 10 Key Aspects of The GDPR and The CCPA

Security Outlook 2023: Cyber Warfare Expands Threats

Examples of data processing activities that require a DPIA

Automated Security and Compliance Attracts Venture Investors

UK’s Draft GDPR Implementation Law: The Starting Point

MY TAKE: Even Google CEO Sundar Pichai agrees that it is imperative to embed ethics into AI

Europe: New guidelines on the application and setting of fines under GDPR

California Consumer Privacy Act: The Challenge Ahead – A Comparison of 10 Key Aspects of The GDPR and The CCPA

California Consumer Privacy Act: The Challenge Ahead – A Comparison of 10 Key Aspects of The GDPR and The CCPA

EUROPE: Domain names and WHOIS information in a post-GDPR world (gTLDs update)

CIPL and its GDPR Project Stakeholders Discuss DPOs and Risk under GDPR

DPIAs for retail and hospitality

FRANCE: A new phase in European privacy law enforcement – CNIL fined Google LLC 50 million euros!

ICO update report into adtech and real time bidding

Ensure you’re #BreachReady in the media sector

California passes major legislation, expanding consumer privacy rights and legal exposure for US and global companies

California Passes Major Legislation, Expanding Consumer Privacy Rights and Legal Exposure for US and Global Companies

“What’s Cooking” in Sacramento: CCPA’s “Employee Exception” Bill is Amended; “Publicly Available Information” Exception is Broadened, and Consumer Access Rights are Clarified

The Good, Bad, And The Ugly: Key Takeaways From California’s New Privacy Law

The Good, Bad, And The Ugly: Key Takeaways From California’s New Privacy Law

One-Month Countdown to Pass CCPA Amendments Begins

Nevada, New York and other states follow California’s CCPA

Stay Connected