IT Governance

JANUARY 9, 2024

At the end of each month, these incidents – and any others that we find – will be used to inform our monthly analysis of data breaches and cyber attacks. Publicly disclosed data breaches and cyber attacks: in the spotlight Hathaway breached, 41.5 The compromised data allegedly includes names, email addresses and phone numbers.

Data Privacy 75

Data Privacy Privacy Manufacturing Data breaches 75

Hunton Privacy

JUNE 11, 2019

On June 6, 2019, the French Data Protection Authority (the “CNIL”) announced that it levied a fine of €400,000 on SERGIC, a French real estate service provider, for failure to (1) implement appropriate security measures and (2) define data retention periods for the personal data of unsuccessful rental candidates.

Personal data 104

Personal data Security GDPR Archiving 104

IT Governance

AUGUST 18, 2020

A survey has found that 54% of UK universities reported a data breach to the ICO (Information Commissioner’s Office) in the past 12 months. Of the 86 universities that responded to a Freedom of Information request from security firm Redscan, the majority admitted serious shortcomings in their ability to prevent data breaches.

Data breaches 116

Data breaches GDPR Education Phishing 116

Data Protection Report

JULY 8, 2019

Following the now famous €50m fine imposed on Google LLC in January 2019, [1] the French Data Protection Authority (the CNIL ) published a decision taken on 28 May 2019 [2] imposing a fine of €400,000 on SERGIC, a company specialised in real estate development, purchase, sale, rental and property management.

GDPR 40

GDPR Personal data Compliance Security 40

Data Matters

DECEMBER 9, 2019

Recently, the Association of German Data Protection Authorities (“ Datenschutzkonferenz ” or “DSK”) issued guidelines setting a GDPR fining methodology (“Fining Methodology”). GDPR enforcement across the EU has picked up over the past year. This includes a fine of €400,000 against a public housing company in France, a €14.5m

GDPR 60

GDPR Personal data Privacy Manufacturing 60

Data Matters

DECEMBER 9, 2019

Recently, the Association of German Data Protection Authorities (“ Datenschutzkonferenz ” or “DSK”) issued guidelines setting a GDPR fining methodology (“Fining Methodology”). GDPR enforcement across the EU has picked up over the past year. This includes a fine of €400,000 against a public housing company in France, a €14.5m

GDPR 60

GDPR Personal data Privacy Manufacturing 60

IT Governance

JANUARY 30, 2024

At the end of each month, these incidents – and any others that we find – will be used to inform our monthly analysis of data breaches and cyber attacks. The data is more than mere credentials, too – according to Cybernews, most of the exposed data is sensitive. In total, 3,876 domain names were included in the exposed data set.

Data Privacy 52

Data Privacy Retail Privacy Manufacturing 52

Hunton Privacy

DECEMBER 1, 2020

On November 26, 2020, the French Data Protection Authority (the “CNIL”) announced that it imposed a fine of €2.25 million on Carrefour France and a fine of €800,000 on Carrefour Banque for various violations of the EU General Data Protection Regulation (“GDPR”) and Article 82 of the French Data Protection Act governing the use of cookies.

GDPR 91

GDPR Personal data Data collection Marketing 91

HL Chronicle of Data Protection

SEPTEMBER 23, 2019

2019 conference in Las Vegas. Michelle Kisloff will share insights and strategies for professional development during the panel, “ Habits of Highly Effective Privacy and Security Professionals ,”. Join members from our award-winning Privacy and Cybersecurity (PaC) practice at this week’s IAPP Privacy. September 23. Time: 6:30 p.m. –

Privacy 40

Privacy Risk Security GDPR 40

IT Governance

DECEMBER 27, 2019

A royal baby, a fire at Notre-Dame, the highest grossing film of all time and more than 12 billion breached data records: 2019 has been quite a year. IT Governance is closing out the year by rounding up 2019’s biggest information security stories. million people – just under a third of the country’s population.

Data breaches 69

Data breaches GDPR Passwords Personal data 69

DLA Piper Privacy Matters

OCTOBER 24, 2019

On 16 October 2019 – after weeks of rumors and speculations – the German data protection authorities (‘DPAs’) published their guidelines (‘ Guidelines’ ) for calculating administrative fines under Article 83 General Data Protection Regulation (‘ GDPR’ ). 18 GDPR (i.e. 12 to 14.4 (= 4 %). Minor violation.

GDPR 40

GDPR Compliance Personal data IT 40

IT Governance

APRIL 3, 2018

For more than a decade, the Information Governance (IG) Toolkit has been the all too familiar – although not always welcome – annual obligation for healthcare organisations to demonstrate their accord compliance with the Department of Health (DoH) standards for data security. The GDPR comes into effect on 25 May 2018.

GDPR 68

GDPR Security Compliance Information governance 68

IT Governance

DECEMBER 21, 2023

To find out, we looked at the ICO’s (Information Commissioner’s Office) public data set , specifically looking into four data breach types caused by human error: Data emailed to incorrect recipient. Data posted or faxed to incorrect recipient. At the time of writing, the data set starts in Q2 2019 and goes up to Q2 2023.

Data breaches 52

Data breaches Personal data Government GDPR 52

HL Chronicle of Data Protection

MARCH 29, 2019

Trust in data, no longer a luxury? Nicola Fulford and James Denvil will speak at the workshop,” Trust in data, no longer a luxury – Privacy, security, and consumer trust for 21st century,” at the Luxury Law London Summit. International Privacy + Security Forum. Cybersecurity and Data Privacy.

Privacy 40

Privacy Cybersecurity Data Privacy GDPR 40

Hunton Privacy

APRIL 5, 2019

On January 25, 2019, Nigeria’s National Information Technology Development Agency (“NITDA”) issued the Nigeria Data Protection Regulation 2019 (the “Regulation”). Many concepts of the Regulation mirror the EU General Data Protection Regulation (“GDPR”).

Personal data 101

Personal data Privacy Compliance GDPR 101

HL Chronicle of Data Protection

MAY 29, 2019

Following the one-year anniversary of the coming into effect of the GDPR, Hogan Lovells’ Privacy and Cybersecurity practice has prepared summaries of key GDPR-related developments of the past 12 months. The summaries cover regulatory guidance, enforcement actions, court proceedings, and various reports and materials.

GDPR 40

GDPR Personal data Privacy Information architecture 40

erwin

NOVEMBER 14, 2019

Data governance tools used to occupy a niche in an organization’s tech stack, but those days are gone. The rise of data-driven business and the complexities that come with it ushered in a soft mandate for data governance and data governance tools. It is also used to make data more easily understood and secure.

Government 105

Government Data breaches Metadata GDPR 105

IT Governance

JANUARY 10, 2019

This week, we discuss a high-profile German data breach, the top worst passwords of 2018, the resignation of NHS Digital’s CISO, and Microsoft’s latest patches. Hello and welcome to the first IT Governance podcast of 2019 – for Friday, 11 January. So, without further ado, let’s crack on with what’s happened so far in 2019.

Data breaches 77

Data breaches Passwords GDPR Personal data 77

IT Governance

JULY 1, 2020

The first half of 2020 ended on a familiarly bad note, with 92 security incidents accounting for at least 7,021,195,399 breached records. As such, affected individuals should already have been aware that their data had been compromised and taken the necessary steps to mitigate the damage. hack (350,000).

Data breaches 140

Data breaches Ransomware Retail Personal data 140

Thales Cloud Protection & Licensing

MARCH 13, 2019

At the 2019 RSA Conference, Pure Storage and Thales introduced Vormetric Transparent Encryption for Efficient Storage – the IT and security industries’ first end-to-end data encryption framework that realizes storage array data reduction. Data Security: Low Adoption Amidst Increasing Requirements.

Encryption 96

Encryption Compliance Access Security 96

Hunton Privacy

MARCH 19, 2019

On March 12, 2019, the European Data Protection Board (“EDPB”) adopted an opinion on the interplay between the EU Directive on Privacy and Electronic Communications (“the ePrivacy Directive”) and the General Data Protection Regulation (“GDPR”) (the “Opinion”). Interplay between the ePrivacy Directive and the GDPR.

GDPR 45

GDPR Personal data Communications Government 45

DLA Piper Privacy Matters

JANUARY 21, 2019

On 12 December 2018, the French Government issued an ordinance [1] finalizing, at the legislative level [2] , the alignment of the French Data Protection Law (“FDPL”) with the General Data Protection Regulation [3] (“GDPR”) and the Directive 2016/680 [4].

GDPR 49

GDPR Personal data Communications Government 49

eSecurity Planet

JANUARY 11, 2022

Information security products , services, and professionals have never been in higher demand, making for a world of opportunities for cybersecurity startups. With evolving attack methodologies due to machine learning, quantum computing, and sophisticated nation-state hackers, security startups are receiving record funding.

Cybersecurity 142

Cybersecurity Cloud Compliance Analytics 142

Hunton Privacy

MARCH 17, 2020

On March 12, 2020, the French Data Protection Authority (the “CNIL”) released its annual inspection strategy for 2020. The CNIL carries out approximately 300 inspections every year. Geolocation for Community or Proximity Services ( e.g. , recommendation of appropriate transport modes based on a defined route, journey optimization, etc.):

Data collection 80

Data collection Data breaches GDPR Personal data 80

Hunton Privacy

NOVEMBER 22, 2019

On November 13, 2019, the European Data Protection Board (“EDPB”) published its draft guidelines 4/2019 (the “Guidelines”) on the obligation of Data Protection by Design and by Default (“DPbDD”) set out under Article 25 of the EU General Data Protection Regulation (“GDPR”). Data protection by design.

Personal data 50

Personal data GDPR Compliance Risk 50

eDiscovery Daily

AUGUST 21, 2019

As noted yesterday , Tuesday and Monday , the International Legal Technology Association (ILTA) annual educational conference of 2019 (otherwise known as ILTACON) is happening this week and eDiscovery Daily is once again covering the show and, this year, CloudNine is exhibiting at the show and participating in a major way.

e-Discovery 38

e-Discovery GDPR Analytics Information governance 38

DLA Piper Privacy Matters

JANUARY 18, 2021

On 20 June 2019, the European Union adopted Regulation 2019/1157/EU which will enter into force on 2 August 2021 and which will introduce the mandatory obligation for Member States to include two fingerprints in interoperable digital formats in national ID cards. Introduction. Assessment of the Constitutional Court.

Privacy 98

Privacy GDPR Risk Personal data 98

IT Governance

MAY 30, 2019

Just when you thought you were getting the hang of the GDPR (General Data Protection Regulation) , you learn that things are even more complicated. That’s been the reaction of many law enforcement bodies that have recently learned about their compliance requirements under the DPA (Data Protection Act) 2018.

GDPR 49

GDPR Personal data Government Compliance 49

Hunton Privacy

AUGUST 13, 2019

On August 12, 2019, the Dutch Data Protection Authority ( Autoriteit Persoonsgegevens , the “Dutch DPA”) announced its intent to approve Nederland ICT’s Data Pro Code (the “Code”), a code of conduct for the ICT sector. Nederland ICT represents data processors from the IT sector.

GDPR 40

GDPR Personal data Data breaches Compliance 40

eDiscovery Daily

OCTOBER 21, 2019

As we noted yesterday , the 2019 Relativity Fest conference is going on this week, CloudNine is once again here as a Sponsor and Exhibitor and I will be covering the show for eDiscovery Daily. The 2019 International Panel. 11:10 AM – 12:10 PM: Data Subject Access Requests in the Americas and Beyond.

e-Discovery 45

e-Discovery e-Delivery GDPR Education 45

Data Protector

OCTOBER 11, 2017

What follows below is an edited version of the debate in the House of Lords of the Second Reading of the Data Protection Bill, held on 10 October. Data is not just a resource for better marketing, better service and delivery. Data is used to build products themselves. It has become a cliché that data is the new oil.

GDPR 120

GDPR Personal data Government IT 120

Thales Cloud Protection & Licensing

MARCH 12, 2019

At the 2019 RSA Conference, Pure Storage and Thales introduced Vormetric Transparent Encryption for Efficient Storage – the IT and security industries’ first end-to-end data encryption framework that realizes storage array data reduction. Data Security: Low Adoption Amidst Increasing Requirements.

Encryption 54

Encryption Compliance Access Security 54

Hunton Privacy

MARCH 26, 2019

On March 14, 2019, the Dutch Data Protection Authority ( Autoriteit Persoonsgegevens , the “Dutch DPA”) published a press release announcing its policy (in Dutch ) for calculating administrative fines (the “Policy”). In certain cases, the Dutch DPA may also consider the financial situation of the data controller or processor.

GDPR 55

GDPR Personal data Authentication Compliance 55

DLA Piper Privacy Matters

JULY 29, 2020

Until recently, most decisions of the Belgian Data Protection Authority (Belgian DPA) concerned national companies or individuals. The case against Google Belgium SA was initiated by a complaint filed with the Belgian DPA by a Belgian resident on 12 august 2019. This is the highest fine ever imposed by the Belgian DPA.

GDPR 75

GDPR Compliance IT Privacy 75

eSecurity Planet

JANUARY 28, 2021

In fact, there remains a huge shortage of experienced security professionals available to fill open positions. A contributing factor to the cybersecurity skills gap is the large number of security startups that have been founded in recent years. As a result, security is expected to more than double in size to $300 billion by 2025.

Cybersecurity 110

Cybersecurity Compliance Cloud Artificial Intelligence 110

erwin

NOVEMBER 14, 2019

Data governance tools used to occupy a niche in an organization’s tech stack, but those days are gone. The rise of data-driven business and the complexities that come with it ushered in a soft mandate for data governance and data governance tools. It is also used to make data more easily understood and secure.

Government 40

Government Data breaches Metadata GDPR 40

eDiscovery Daily

OCTOBER 20, 2019

The 2019 Relativity Fest conference is here! Here are some of the eDiscovery-related sessions for today: 11:00 AM – 12:00 PM: The Business of Law 2020: The FTI-Relativity General Counsel Survey. e-Discovery Data Management: Governance and Process Optimization. Let’s check out some of the sessions lined up for today.

e-Discovery 40

e-Discovery Data Privacy Education Privacy 40