Data, GDPR and Security - Information Management Today

Data protection strategy: Key components and best practices

IBM Big Data Hub

MAY 28, 2024

Virtually every organization recognizes the power of data to enhance customer and employee experiences and drive better business decisions. Yet, as data becomes more valuable, it’s also becoming harder to protect. What is a data protection strategy?

Data breaches

Data breaches GDPR Compliance Encryption

GUEST ESSAY: Securely managing access controls is vital to preserving the privacy of healthcare data

The Last Watchdog

NOVEMBER 8, 2021

However, healthcare data ranks at the top of the list for needing improvements in security and privacy protections. This data is managed by different entities, such as primary care facilities, acute care facilities and within associated applications that collect, store and track health data, creating numerous exposure vulnerabilities.

Access

Access Privacy Security IoT

Guest Post -- GDPR Compliance starts with Data Discovery

AIIM

NOVEMBER 16, 2017

You might also be interested in: Mitigate Data Privacy and Security Risks with Machine Learning. The Privacy and Security Dichotomy. GDPR and Cross Border Data Flows between the EU and the US: Current State of the Law. What Do the GDPR and new Privacy Laws Mean for U.S. Compliance starts with data discovery.

GDPR

GDPR Compliance Privacy Paper

4 Special Requirements Social Media and Collaboration Create for GDPR Compliance

AIIM

JANUARY 26, 2018

A new set of European rules and standards related to privacy and data protection (the General Data Protection Regulation , or GDPR ) has set in motion a mad compliance and security scramble not only for European companies, but also for any company doing business in Europe or with European customers.

GDPR

GDPR Compliance Archiving Privacy

CNIL Fines French Real Estate Service Provider for Data Security and Retention Failures

Hunton Privacy

JUNE 11, 2019

On June 6, 2019, the French Data Protection Authority (the “CNIL”) announced that it levied a fine of €400,000 on SERGIC, a French real estate service provider, for failure to (1) implement appropriate security measures and (2) define data retention periods for the personal data of unsuccessful rental candidates.

Personal data

Personal data Security GDPR Archiving

Thales & LuxTrust: A Partnership for Data Sovereignty and Compliance

Thales Cloud Protection & Licensing

MAY 20, 2024

Businesses must prioritize this area, particularly when collaborating with third-party providers, ensuring compliance and maintaining a secure digital landscape. As a leading technology provider in the security domain, Thales is delighted to work with MSSPs like LuxTrust to deliver cutting-edge solutions that address these critical needs.

Compliance

Compliance Encryption Marketing Data preservation

The Week in Cyber Security and Data Privacy: 1 – 7 January 2024

IT Governance

JANUARY 9, 2024

At the end of each month, these incidents – and any others that we find – will be used to inform our monthly analysis of data breaches and cyber attacks. Publicly disclosed data breaches and cyber attacks: in the spotlight Hathaway breached, 41.5 The compromised data allegedly includes names, email addresses and phone numbers.

Data Privacy

Data Privacy Privacy Manufacturing Data breaches

6,009,014 MovieBoxPro Accounts Breached in Another Data Scraping Incident

IT Governance

MAY 7, 2024

At the end of each month, these incidents – and any others that we find – will be used to inform our monthly analysis of data breaches and cyber attacks. Data scraping is a typically automated process that extracts information from websites, allowing criminals to compile data sets containing personal information.

Data breaches

Data breaches Education Manufacturing Retail

Germany: Berlin data protection authority imposes EUR 14.5 million fine for “data cemetery”

DLA Piper Privacy Matters

NOVEMBER 6, 2019

On 30 October 2019, the Berlin Commissioner for Data Protection and Freedom of Information ( Berliner Beauftragte für Datenschutz und Informationsfreiheit – “ Berlin DPA ”) imposed an administrative fine of about EUR 14.5 million against Deutsche Wohnen SE for infringements of the General Data Protection Regulation (GDPR).

GDPR

GDPR Personal data Archiving Compliance

UK ICO fines hotel chain giant Marriott over data breach

Security Affairs

NOVEMBER 2, 2020

The UK Information Commissioner’s Office fined US hotels group Marriott over the 2018 data breach that affected millions of customers worldwide. million) for multiple data breaches suffered by the company since 2018 that exposed the personal information of its customers. million ($23.5 According to the U.K.’s

Data breaches

Data breaches Personal data GDPR Encryption

Ensuring that email data is compliant with GDPR regulations

Information Management Resources

FEBRUARY 8, 2018

Architecting a security, privacy and governance solution can be fast and simple. This checklist will ensure your archiving solutions are in top notch shape before the General Data Protection Regulation is here.

GDPR

GDPR Archiving Privacy Government

Securing Corporate Data When Remote Working is the Norm

Thales Cloud Protection & Licensing

APRIL 7, 2020

While many companies have deployed extra measures to secure employees’ remote access to corporate resources and apps, it is important to think of all the necessary security measures to be taken in protecting sensitive data. Discover and classify your data. Understand the risks related to data.

Security

Security Encryption Data breaches Cloud

New Belgian Data Protection Act Takes Effect

Data Matters

SEPTEMBER 7, 2018

On September 5, 2018, the new Belgian Data Protection Act implementing the GDPR (the Belgian Act ) was published and entered into force. The Belgian Act goes further than mere implementation of the GDPR, to cover data processing explicitly excluded from the scope of the GDPR. Children’s Consent.

GDPR

GDPR Archiving Privacy Compliance

EU Regulatory Data Protection: A first appraisal of the European Commission’s proposal for a ‘Data Act’

DLA Piper Privacy Matters

FEBRUARY 23, 2022

The European Commission today presented its second instrument in the European Data Strategy; a “Regulation on harmonised rules on fair access to and use of data”, better known as the Data Act. In the proposal, “data” is broadly defined and contains both personal and non-personal data.

GDPR

GDPR Personal data IoT Access

CNIL Fines Two Companies of the Carrefour Group €3.05 Million for GDPR and Cookie Violations

Hunton Privacy

DECEMBER 1, 2020

On November 26, 2020, the French Data Protection Authority (the “CNIL”) announced that it imposed a fine of €2.25 million on Carrefour France and a fine of €800,000 on Carrefour Banque for various violations of the EU General Data Protection Regulation (“GDPR”) and Article 82 of the French Data Protection Act governing the use of cookies.

GDPR

GDPR Personal data Data collection Marketing

Data from 5.4M Twitter users obtained from multiple threat actors and combined with data from other breaches

Security Affairs

NOVEMBER 26, 2022

The massive data breach suffered by Twitter that exposed emails and phone numbers of its customers may have impacted more than five million users. At the end of July, a threat actor leaked data of 5.4 The threat actor offered for sale the stolen data on the popular hacking forum Breached Forums. ” the source told 9to5Mac.

Data breaches

Data breaches Sales Privacy GDPR

New CNIL €400,000 fine for data security breaches and non-compliance with data retention period under the GDPR

Data Protection Report

JULY 8, 2019

Following the now famous €50m fine imposed on Google LLC in January 2019, [1] the French Data Protection Authority (the CNIL ) published a decision taken on 28 May 2019 [2] imposing a fine of €400,000 on SERGIC, a company specialised in real estate development, purchase, sale, rental and property management.

GDPR

GDPR Personal data Compliance Security

A guide to the GDPR for insurance companies

IT Governance

MAY 30, 2018

The EU General Data Protection Regulation (GDPR) is designed to harmonise data protection laws across the EU, but certain industries will have to respond differently in order to achieve compliance. A report published by research and consultancy company Celent highlights the challenges that the GDPR presents to insurers.

Insurance

Insurance GDPR Compliance Data collection

IT Governance Podcast 08.09.23: Electoral Commission (again), Meta, Pôle emploi

IT Governance

SEPTEMBER 7, 2023

This week, we discuss security issues at the Electoral Commission, Meta’s appeal against daily GDPR fines, and a breach affecting 10 million users of the French unemployment agency Pôle emploi. The Cyber Essentials scheme is a government-backed framework supported by the National Cyber security Centre.

Government

Government IT Personal data GDPR

Archives Records 2019 RMS Annual Meeting

The Schedule

AUGUST 9, 2019

Hosted two online Hangouts: one in April on the General Data Protection Regulation (GDPR). Securities and Exchange Commission. Stay tuned for more information on the substantive data, but here’s a look at the demographic data: All respondents have a college degree, and nearly 90% also have a master’s degree.

Archiving

Archiving Records Management Government Military

Preservica and Microsoft collaborate to provide enterprise-grade archiving and digital preservation on Azure

Preservica

MARCH 14, 2019

Preservica’s market-leading Enterprise Private Cloud active digital preservation platform for Microsoft Azure meets growing demand for secure archiving, digital preservation and discovery of critical long-term data and content.

Digital preservation

Digital preservation Archiving Cloud Compliance

UK ICO proposes a $123 million fine for Marriott 2014 data breach

Security Affairs

JULY 9, 2019

The UK’s data privacy regulator plans to fine giant hotel chain Marriott International with a £99 million ($123 million) under GDPR over 2014 data breach. ’s Information Commissioner’s Office, Marriott International was not compliant to the European Union’s data protection regulation GDPR.

Data breaches

Data breaches GDPR e-Discovery Data Privacy

EDPB Adopts Opinion on Draft South Korea Adequacy Decision

Hunton Privacy

OCTOBER 1, 2021

On September 27, 2021, the European Data Protection Board (“EDPB”) announced that it had adopted an opinion on the European Commission’s draft adequacy decision for the Republic of Korea (the “Opinion”). The EDPB also identified certain aspects of the Korean data protection framework that require further examination and clarification.

Personal data

Personal data GDPR Archiving Security

One-off vs. Ongoing Secure Destruction

Archive Document Data Storage

JUNE 10, 2019

With the GDPR (General Data Protection Regulation) in full swing, it is important to securely destroy paper files which have passed their retention lifecycle, as well as electronic data stored on redundant IT/media devices. One-off Secure Destruction. Secure shredding offsite. Ongoing Secure Destruction.

Security

Security GDPR Paper Data breaches

Here’s One Way to Comply with GDPR – Block All EU Users: Data Privacy Trends

eDiscovery Daily

MAY 17, 2018

Believe it or not, Europe’s General Data Protection Regulation (GDPR) is set to go into effect in one just one week(!), EU folks seem to be generally supportive of the GDPR and think that companies shutting down service are either stupid & ignorant or evil and thus should shut down. Are you ready for GDPR?

GDPR

GDPR Data Privacy Privacy Archiving

How does GDPR impact digital preservation solutions in the Cloud?

Preservica

OCTOBER 30, 2017

Inside and outside of Europe, everyone is talking about the General Data Protection Regulation (GDPR) and what it means to their organization. Whether you are a hare or an ostrich in your readiness, GDPR needn’t be just a deadline viewed with trepidation. First of all, the cloud. Now to digital preservation.

Digital preservation

Digital preservation GDPR Cloud Personal data

Email archives often overlooked in GDPR compliance efforts

Information Management Resources

JANUARY 10, 2018

Whether it’s from customers, partners or colleagues, organizations collect hundreds, if not thousands, of emails that contain personal information every day.

Compliance

Compliance Archiving GDPR Security

327 million Marriott guests affected in Starwood Data Breach

Security Affairs

NOVEMBER 30, 2018

Starwood Data Breach – Hackers accessed the guest reservation system of the Marriot owned Starwood since 2014 and copied and encrypted the information. ” reads the data breach notification published by Marriot. ” This is one of the largest data breaches in history, the biggest one for the hospitality industry. .

Data breaches

Data breaches Encryption Access GDPR

5 Ways Secure Shredding Helps Your Business

Archive Document Data Storage

FEBRUARY 6, 2019

In this blog, we highlight five ways a secure shredding service helps your business. A secure shredding service helps you stay productive. Locked collection containers are placed within your office allowing no-longer-needed documents to be dropped inside quickly and securely. Enhancing Productivity. Reducing Liability.

Security

Security Paper GDPR Archiving

5 Ways Secure Shredding Helps Your Business

Archive Document Data Storage

FEBRUARY 6, 2019

In this blog, we highlight five ways a secure shredding service helps your business. A secure shredding service helps you stay productive. Locked collection containers are placed within your office allowing no-longer-needed documents to be dropped inside quickly and securely. Enhancing Productivity. Reducing Liability.

Security

Security Paper GDPR Archiving

FRANCE: CNIL New Security Guidelines

DLA Piper Privacy Matters

FEBRUARY 2, 2018

Article 32 of the GDPR requires data controllers and processors to “ implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk ”. Although the GDPR provides some guidance as to the types of measures that may be considered appropriate (i.e., Workstations security.

Security

Security Personal data GDPR Compliance

EDPB’s New Guidelines – Clinical Trials in the EU and COVID-19

HL Chronicle of Data Protection

MAY 1, 2020

This is not the first time that the EDPB has issued guidance on topics related to scientific research or clinical trials (see its analysis on the interplay between the GDPR and the Clinical Trials Regulation , which we covered, here). recent trip or presence in a region where COVID-19 is widespread).

GDPR

GDPR Personal data Privacy Data collection

Everything You Need to Know about Data Destruction

Archive Document Data Storage

NOVEMBER 2, 2017

Data destruction may be the final step in the retention management life cycle, but that doesn’t mean it’s the least important step. In this blog we offer a complete overview of data destruction so you can protect your information from beginning to end. A secure destruction service ensures prompt disposal of expired media.

GDPR

GDPR Archiving Records Management Compliance

Romania: Key aspects in the Romanian Data Protection Authority’s annual activity report (2019)

DLA Piper Privacy Matters

OCTOBER 22, 2020

On 28 September 2020, the Romanian National Supervisory Authority for the Processing of Personal Data (ANSPDCP) published on its website the annual activity report for 2019. Qualification of the parties involved in personal data processing activities. The below summarizes what we see as the highlights of the annual report. 5 of Law no.

Personal data

Personal data GDPR Communications Compliance

What is ISO 20614, and why does it matter?

Everteam

OCTOBER 22, 2019

While physical information security has been practiced for centuries, most people view digital information security as a new concern. However, governments and standards bodies have been coping with issues of the privacy and security of digital records and archives for decades longer than most people realize.

Archiving

Archiving IT Privacy GDPR

A Secure Destruction Checklist

Archive Document Data Storage

MARCH 6, 2019

With the General Data Protection Regulation (GDPR) in full swing, it is important to review and update the secure destruction process in place within your organisation. It is vital that your secure destruction process poses no risk to your firm’s reputation. Do these refresher courses include the whole firm?

Security

Security Paper Data breaches GDPR

UK Government Releases Statement of Intent Regarding Data Protection Bill

Hunton Privacy

AUGUST 7, 2017

On August 7, 2017, the UK Government’s Department for Culture, Media and Sport published a Statement of Intent setting out the planned reforms to be included in the forthcoming Data Protection Bill, which we previously reported is expected to be laid before the UK Parliament in early September.

Government

Government Personal data GDPR Archiving

5 Tips for Protecting Your Hard Copy Data

Archive Document Data Storage

JUNE 25, 2019

Here are five tips from us for safeguarding your hard copy data. Hard copy data protection begins by knowing what you have. A retention and destruction schedule is a roadmap for how long to keep—and when to destroy—your hard copy data. secure loading and unloading areas. secure loading and unloading areas.

Records Management

Records Management Paper Archiving Access

10 Steps for Data Breach Prevention in the Workplace

Archive Document Data Storage

MAY 9, 2019

UK businesses face unprecedented levels of data security threats. How are you protecting your corporate data? Here are ten steps for reducing your data breach exposure: 1. You can’t protect your data without knowing where it’s stored. Locate your document and data storage repositories. Train Your Employees.

Data breaches

Data breaches Passwords Records Management Archiving

CNIL’s New Guidelines on HR Processing

HL Chronicle of Data Protection

APRIL 21, 2020

The French Data Protection Authority (CNIL) has recently released new guidelines (French only) regarding human resources processing operations. The new guidelines are applicable to public and private companies for the processing of their employees’ personal data. Categories of personal data. Legal basis.

Personal data

Personal data GDPR Big data Compliance

What to Do after a Business Data Breach

Archive Document Data Storage

SEPTEMBER 20, 2018

Data security experts all echo the same sentiment: “It’s not if your organisation will be breached, it’s when.” In this blog, we offer several steps to take after a data breach so you can create—or update—your breach response plan. A data breach can cause widespread panic throughout your organisation. Stay Calm.

Data breaches

Data breaches Archiving GDPR Communications

The Top Reasons Your Business Needs a File Retention and Storage Plan

Archive Document Data Storage

MARCH 1, 2019

A record storage and retention plan establishes protocols for transferring archival documents offsite to a record centre where they’re stored long term and without breaking the bank. GDPR Compliance. A file storage and retention plan establishes best practices for protecting confidential consumer data from unauthorised access.

Archiving

Archiving GDPR Compliance Personal data

Media Destruction and Privacy Law Compliance

Archive Document Data Storage

OCTOBER 10, 2018

New standards for the General Data Protection Rule (GDPR) went into effect on May 25, 2018. They affect any EU business that collects data from customers. GDPR non-compliance penalties are substantial: up to €20 million or 4 percent of annual turnover (whichever is greater). Appoint a Data Protection Officer.

Compliance

Compliance Privacy GDPR Archiving

4 Ways to Determine ROI around Data Cleanup

Everteam

DECEMBER 17, 2018

You need to show them not only why you need to perform a data cleanup, but prove the ROI behind it. All storage has a cost, whether it’s storage in your business applications or archival storage onsite or offsite. All storage has a cost, whether it’s storage in your business applications or archival storage onsite or offsite.

Cleanup

Cleanup ROT Archiving Compliance

Data protection strategy: Key components and best practices

GUEST ESSAY: Securely managing access controls is vital to preserving the privacy of healthcare data

Trending Sources

Guest Post -- GDPR Compliance starts with Data Discovery

4 Special Requirements Social Media and Collaboration Create for GDPR Compliance

CNIL Fines French Real Estate Service Provider for Data Security and Retention Failures

Thales & LuxTrust: A Partnership for Data Sovereignty and Compliance

The Week in Cyber Security and Data Privacy: 1 – 7 January 2024

6,009,014 MovieBoxPro Accounts Breached in Another Data Scraping Incident

Germany: Berlin data protection authority imposes EUR 14.5 million fine for “data cemetery”

UK ICO fines hotel chain giant Marriott over data breach

Ensuring that email data is compliant with GDPR regulations

Securing Corporate Data When Remote Working is the Norm

New Belgian Data Protection Act Takes Effect

EU Regulatory Data Protection: A first appraisal of the European Commission’s proposal for a ‘Data Act’

CNIL Fines Two Companies of the Carrefour Group €3.05 Million for GDPR and Cookie Violations

Data from 5.4M Twitter users obtained from multiple threat actors and combined with data from other breaches

New CNIL €400,000 fine for data security breaches and non-compliance with data retention period under the GDPR

A guide to the GDPR for insurance companies

IT Governance Podcast 08.09.23: Electoral Commission (again), Meta, Pôle emploi

Archives Records 2019 RMS Annual Meeting

Preservica and Microsoft collaborate to provide enterprise-grade archiving and digital preservation on Azure

UK ICO proposes a $123 million fine for Marriott 2014 data breach

EDPB Adopts Opinion on Draft South Korea Adequacy Decision

One-off vs. Ongoing Secure Destruction

Here’s One Way to Comply with GDPR – Block All EU Users: Data Privacy Trends

How does GDPR impact digital preservation solutions in the Cloud?

Email archives often overlooked in GDPR compliance efforts

327 million Marriott guests affected in Starwood Data Breach

5 Ways Secure Shredding Helps Your Business

5 Ways Secure Shredding Helps Your Business

FRANCE: CNIL New Security Guidelines

EDPB’s New Guidelines – Clinical Trials in the EU and COVID-19

Everything You Need to Know about Data Destruction

Romania: Key aspects in the Romanian Data Protection Authority’s annual activity report (2019)

What is ISO 20614, and why does it matter?

A Secure Destruction Checklist

UK Government Releases Statement of Intent Regarding Data Protection Bill

5 Tips for Protecting Your Hard Copy Data

10 Steps for Data Breach Prevention in the Workplace

CNIL’s New Guidelines on HR Processing

What to Do after a Business Data Breach

The Top Reasons Your Business Needs a File Retention and Storage Plan

Media Destruction and Privacy Law Compliance

4 Ways to Determine ROI around Data Cleanup

Stay Connected