Data, GDPR and Security - Information Management Today

GDPR compliance checklist

IBM Big Data Hub

JANUARY 22, 2024

The General Data Protection Regulation (GDPR) is a European Union (EU) law that governs how organizations collect and use personal data. Any company operating in the EU or handling EU residents’ data must adhere to GDPR requirements. However, GDPR compliance is not necessarily a straightforward matter.

GDPR

GDPR Compliance Personal data Privacy

How to implement the General Data Protection Regulation (GDPR)

IBM Big Data Hub

FEBRUARY 23, 2024

The General Data Protection Regulation (GDPR), the European Union’s landmark data privacy law, took effect in 2018. Yet many organizations still struggle to meet compliance requirements, and EU data protection authorities do not hesitate to hand out penalties. Irish regulators hit Meta with a EUR 1.2

GDPR

GDPR Compliance Personal data Privacy

Security Compliance & Data Privacy Regulations

eSecurity Planet

AUGUST 9, 2022

Regulatory compliance and data privacy issues have long been an IT security nightmare. And since the EU’s General Data Protection Regulation (GDPR) took effect May 25, 2018, IT compliance issues have been at the forefront of corporate concerns. GDPR-style data privacy laws came to the U.S.

Data Privacy

Data Privacy Compliance Privacy Security

How to Comply with GDPR, PIPL, and CCPA

eSecurity Planet

DECEMBER 22, 2021

But in order for businesses to maintain compliance with major privacy laws , they have to have security measures in place before an attack. The regulations from GDPR, PIPL, and CCPA are especially prevalent to MSPs and software vendors because they get access to data from so many organizations, but all businesses need to comply with them.

GDPR

GDPR Compliance Data Privacy Privacy

Cloud Security Fundamentals: Understanding the Basics

eSecurity Planet

MAY 24, 2024

Cloud security fundamentals are the core requirements that ensure data protection, regulatory compliance, and access management in a cloud environment. Understanding cloud security challenges and knowing the cloud security tools available in the market significantly contribute to enhanced cloud security.

Cloud

Cloud Security Compliance Encryption

Security Considerations for Data Lakes

eSecurity Planet

AUGUST 11, 2022

Many of the basic principles for securing a data lake will be familiar to anyone who has secured a cloud security storage container. Of course, since most commercial data lakes build off of existing cloud infrastructure, this should be the case. Data Lake Security Scope. Data Lake Security Scope.

Security

Security Encryption Cloud Access

IRELAND: First GDPR fine issued in Ireland

DLA Piper Privacy Matters

MAY 19, 2020

Tusla, Ireland’s child and family agency, has become the first organisation fined under the GDPR in Ireland. The Irish Data Protection Commission filed papers in the Circuit Court on Friday to confirm the €75,000 fine against the Agency. Eilis McDonald & John Magee. It is reported the fine will not be challenged by Tusla.

GDPR

GDPR Personal data Government Paper

UK: First-Tier Tribunal considers first fine imposed by the ICO under the GDPR and slashes the amount by two thirds

DLA Piper Privacy Matters

AUGUST 19, 2021

On 17 December 2019, the ICO issued the first administrative fine under the GDPR (known as a monetary penalty notice in the UK), alongside an Enforcement Notice, against Doorstep Disparensee Limited (“ DDL ”). Some of these contained personal data and special category (health) data.

GDPR

GDPR Personal data Compliance Risk

GDPR: What’s the difference between personal data and sensitive data?

IT Governance

JULY 29, 2019

Now that the EU GDPR (General Data Protection Regulation) has been in effect for over a year, you’ve likely become acquainted with the term ‘personal data’ But what exactly does personal data mean? What is personal data? Location data. What is sensitive personal data? A home address.

Personal data

Personal data GDPR Encryption Compliance

Top 7 Cloud Storage Security Issues & Risks (+ Mitigations)

eSecurity Planet

JANUARY 30, 2024

Cloud storage security issues refer to the operational and functional challenges that organizations and consumers encounter when storing data in the cloud. Cloud storage risks involve potential external threats and vulnerabilities that jeopardize the security of stored data.

Cloud

Cloud Risk Security Encryption

GDPR Compliance Obligations: The relationship between Data Controllers and Third-Party Processors

AIIM

JULY 24, 2018

You might also be interested in: The Re-Permissioning Dilemma Under GDPR. Data Privacy and Open Data: Secondary Uses under GDPR. Three Critical Steps for GDPR Compliance. Mitigate Data Privacy and Security Risks with Machine Learning. The Privacy and Security Dichotomy.

GDPR

GDPR Compliance Privacy Data Privacy

The GDPR: Do you know the difference between personal data and sensitive data?

IT Governance

JULY 18, 2018

Now that the EU GDPR (General Data Protection Regulation) has been in effect for a couple of months, you’ve hopefully become acquainted with its definition of personal data: “any information relating to an identified or identifiable natural person”. What is personal data? Location data. IP address.

Personal data

Personal data GDPR Encryption Compliance

Germany: Bonn Regional Court overrules GDPR Fining Guidelines by German Data Protection Authorities

DLA Piper Privacy Matters

NOVEMBER 24, 2020

Background: How to calculate GDPR fines? How to properly calculate administrative fines for non-compliance with the EU General Data Protection Regulation (‘ GDPR ’) is one of the most important questions when applying the GDPR on practical level, e.g. : What is actually meant by the reference to “undertaking” in Article 83 (4) to (6) GDPR?

GDPR

GDPR Authentication Compliance Personal data

German DSK Issues GDPR Fining Methodology Guidelines

Data Matters

DECEMBER 9, 2019

Recently, the Association of German Data Protection Authorities (“ Datenschutzkonferenz ” or “DSK”) issued guidelines setting a GDPR fining methodology (“Fining Methodology”). GDPR enforcement across the EU has picked up over the past year. fine against a real estate company in Germany, a kr. 5-Step Process.

GDPR

GDPR Personal data Privacy Manufacturing

German DSK Issues GDPR Fining Methodology Guidelines

Data Matters

DECEMBER 9, 2019

Recently, the Association of German Data Protection Authorities (“ Datenschutzkonferenz ” or “DSK”) issued guidelines setting a GDPR fining methodology (“Fining Methodology”). GDPR enforcement across the EU has picked up over the past year. fine against a real estate company in Germany, a kr. 5-Step Process.

GDPR

GDPR Personal data Privacy Manufacturing

CIPL Submits Comments to European Commission on GDPR Two-Year Evaluation

Hunton Privacy

MAY 5, 2020

On April 28, 2020, the Centre for Information Policy Leadership (“CIPL”) at Hunton Andrews Kurth LLP submitted formal comments to the European Commission’s consultation on its roadmap for the two-year evaluation of the EU General Data Protection Regulation (“GDPR”) (the “Response”).

GDPR

GDPR Risk Personal data Compliance

ICO issue fine of £4.4 to Interserve for security failings

DLA Piper Privacy Matters

OCTOBER 25, 2022

for violations of the GDPR (the violations were pre-Brexit). The ICO found that Interserve had failed to put appropriate technical and organisational measures in place to secure personal data (in contravention of Articles 5(1)(f) and 32 GDPR) for a period of ~20 months. The Incident. Digest of points to note in the MPN.

Security

Security GDPR Personal data Insurance

CCTV and the GDPR – an overview for small businesses

IT Governance

JULY 25, 2018

As of 25 May 2018, organisations that use CCTV to capture images of individuals are processing personal data as defined by the GDPR (General Data Protection Regulation) and must comply with the Regulation’s requirements. Kept in a form that allows data subjects to be identified for no longer than is necessary. To erasure.

GDPR

GDPR Personal data Privacy Access

UK Information Commissioner issues letter on transfers of personal data to the U.S. Securities and Exchange Commission

DLA Piper Privacy Matters

FEBRUARY 17, 2021

Securities and Exchange Commission (“ SEC ”) confirming that SEC-regulated UK domiciled firms (“ UK Regulated Firms ”) can share personal data with the SEC when seeking to comply with regulatory obligations, in compliance with the UK GDPR. As the GDPR places restrictions on the transfer of personal data to the U.S.,

Personal data

Personal data GDPR Security Compliance

GERMANY: Data Protection Authorities Issue GDPR Fining Guidelines

DLA Piper Privacy Matters

OCTOBER 24, 2019

On 16 October 2019 – after weeks of rumors and speculations – the German data protection authorities (‘DPAs’) published their guidelines (‘ Guidelines’ ) for calculating administrative fines under Article 83 General Data Protection Regulation (‘ GDPR’ ). This is used to assign the undertaking to a specific size-category.

GDPR

GDPR Compliance Personal data IT

Data Privacy Day: Looking Back on the Privacy Events of 2020

Thales Cloud Protection & Licensing

JANUARY 27, 2021

Data Privacy Day: Looking Back on the Privacy Events of 2020. Each year, the world observes Data Privacy Day on January 28th. It also considers how some businesses might not be taking the privacy of their corporate or customer data seriously. The theme for Data Privacy Day 2021 is “Own Your Privacy.”

Data Privacy

Data Privacy Privacy GDPR Encryption

GDPR – The Year in Review

HL Chronicle of Data Protection

MAY 29, 2019

Following the one-year anniversary of the coming into effect of the GDPR, Hogan Lovells’ Privacy and Cybersecurity practice has prepared summaries of key GDPR-related developments of the past 12 months. The summaries cover regulatory guidance, enforcement actions, court proceedings, and various reports and materials.

GDPR

GDPR Personal data Privacy Information architecture

6 tools to help you prevent and respond to data breaches

IT Governance

JANUARY 1, 2019

There are few things organisations fear more than data breaches. The stakes were raised with the enforcement of the EU GDPR (General Data Protection Regulation) in May 2018. GDPR Data Breach Support Service. Data Flow Mapping Tool. To do this, you will need to conduct regular data flow maps.

Data breaches

Data breaches GDPR Information Security Risk

GDPR – the facts and what it means for the retail sector

IT Governance

JUNE 25, 2018

We all know by now that, on 25 May 2018, the General Data Protection Regulation (GDPR) came into effect. The GDPR is not an IT issue. Rather, it is a business issue: organisations in every sector collect, access and use personal data for many purposes – hiring, marketing, sales, customer service and so on.

Retail

Retail GDPR IT Compliance

How long do you have to report a data breach?

IT Governance

DECEMBER 13, 2018

The first 72 hours after you become aware of a data breach are critical. This is the deadline given to you under the EU GDPR (General Data Protection Regulation) to report information security incidents to your supervisory authority. Most breaches fit into this category, but not all of them.

Data breaches

Data breaches GDPR Personal data Compliance

HMRC forced to delete 5 million voice records after GDPR gaffe

IT Governance

MAY 9, 2019

HMRC (HM Revenue and Customs) has been told to delete more than five million people’s voice records after it was discovered that the way the information was collected breached the GDPR (General Data Protection Regulation). Compliance with a legal obligation : when you need to process personal data to meet other legal requirements.

GDPR

GDPR Personal data Education Passwords

How long do you have to report a data breach?

IT Governance

OCTOBER 24, 2018

The first 72 hours after you become aware of a data breach are critical. This is the deadline given to you under the EU GDPR (General Data Protection Regulation) to report information security incidents to your supervisory authority. Most breaches fit into this category, but not all of them.

Data breaches

Data breaches GDPR Compliance Personal data

A guide to the GDPR for insurance companies

IT Governance

MAY 30, 2018

The EU General Data Protection Regulation (GDPR) is designed to harmonise data protection laws across the EU, but certain industries will have to respond differently in order to achieve compliance. A report published by research and consultancy company Celent highlights the challenges that the GDPR presents to insurers.

Insurance

Insurance GDPR Compliance Data collection

Connecticut Strengthens Data Breach Notification Requirements and the Uniform Law Commission Approves and Recommends Comprehensive and Uniform State Privacy Legislation

Data Matters

AUGUST 9, 2021

In recent weeks, Connecticut passed An Act Concerning Data Privacy Breaches (“The Act”), and the Uniform Law Commission approved and recommended the Uniform Personal Data Protection Act (“UPDPA”). Connecticut: An Act Concerning Data Privacy Breaches. Uniform Personal Data Protection Act.

Data breaches

Data breaches Privacy Personal data Data Privacy

Time to Take Notice: ICO to Impose Record Fine for Data Security Breach

HL Chronicle of Data Protection

JULY 8, 2019

On 8 July 2019, the UK data protection authority (Information Commissioner’s Office; ICO) issued a notice of its intention to fine British Airways (BA) GBP 183.39 million) for infringements of the General Data Protection Regulation (GDPR). ” ICO Enforcement Implications. million (approx.

GDPR

GDPR Security Personal data Data breaches

EDPB Adopts Guidelines on Data Processing Through Video Devices

Hunton Privacy

JULY 26, 2019

The European Data Protection Board (the “EDPB”) recently adopted its Guidelines 3/2019 on processing of personal data through video devices (the “Guidelines”). Although the Guidelines provide examples of data processing for video surveillance, these examples are not exhaustive.

GDPR

GDPR Personal data Privacy Compliance

Government publishes consultation on post-Brexit data reforms

DLA Piper Privacy Matters

SEPTEMBER 10, 2021

The government has today published its eagerly awaited Consultation Paper on Reforms to the UK Data Protection Regime – ‘Data: A New Direction’ (“ Consultation Paper ”), setting out the specific areas for regulatory reform of the UK’s data protection regime.

Government

Government Paper Personal data GDPR

California Enacts Broad Privacy Laws Modeled on GDPR

Data Matters

JUNE 29, 2018

According to the bill’s author, it was consciously designed to emulate the new European General Data Protection Regulation (GDPR) that went into effect on May 25, and if and when it goes into effect, it would constitute the broadest privacy law in the United States. Specific categories defined as personal information include.

GDPR

GDPR Privacy Sales Data breaches

California Privacy Law Overhaul – Proposition 24 Passes

Data Matters

NOVEMBER 4, 2020

Third, it creates a new category of businesses: those that voluntarily agree to be subject to the CCPA. Businesses familiar with GDPR will recognize the reference to automated decision-making, as Article 22 gives data subjects similar opt-out rights. However, in some cases, the definition of “business” is narrowed.

Privacy

Privacy B2B Sales Data breaches

10 Best CASB Security Vendors of 2022

eSecurity Planet

DECEMBER 17, 2021

Any cloud-based infrastructure needs a robust cloud access security broker (CASB) solution to ensure data and application security and integrity. . Cloud access security brokers are increasingly a critical component of the Secure Access Service Edge (SASE) as edge and cloud security become the newest pain points.

Security

Security Cloud Risk Access

China’s PIPL has finally arrived, and brings helpful clarification (rather than substantial change) to China’s data privacy framework

DLA Piper Privacy Matters

AUGUST 23, 2021

Rather than bringing substantial changes to the existing China data privacy framework, the PIPL helpfully consolidates and clarifies obligations on processing of personal information at a national law level. To be clear, this is not China’s own GDPR.

Data Privacy

Data Privacy Privacy Compliance Analytics

European Commission Adopts New Standard Contractual Clauses

Data Matters

JUNE 5, 2021

The European Commission ( EC ) on June 4, 2021 adopted a new set of Standard Contractual Clauses for international data transfers ( New SCCs ). Scope of the New SCCs : the New SCCs can only be used to legitimize transfers of personal data to a data importer (i.e., However, their formulation (i.e.,

GDPR

GDPR Personal data IT Data breaches

Data integrity vs. data quality: Is there a difference?

IBM Big Data Hub

JULY 13, 2023

When we talk about data integrity, we’re referring to the overarching completeness, accuracy, consistency, accessibility, and security of an organization’s data. Together, these factors determine the reliability of the organization’s data. In short, yes.

Metadata

Metadata MDM Analytics Compliance

California Consumer Privacy Act: The Challenge Ahead – A Comparison of 10 Key Aspects of The GDPR and The CCPA

HL Chronicle of Data Protection

OCTOBER 3, 2018

As the most comprehensive privacy law to be enacted in the United States thus far, the California Consumer Privacy Act (CCPA) has inevitably invited comparisons to the European Union’s General Data Protection Regulation (GDPR). The GDPR and CCPA take different approaches to defining the types of entities that must comply with the law.

GDPR

GDPR Privacy Personal data Sales

California’s GDPR? Sweeping California Privacy Ballot Initiative Could Bring Sea Change to U.S. Privacy Regulation and Enforcement

Data Matters

JUNE 26, 2018

This initiative would likely create a de facto national standard on transparency around third-party sharing as well as consumer rights to restrict data sharing and could affect many business models that depend on data monetization to offer a free good or service. biometric data. geolocation data. biometric data.

Privacy

Privacy GDPR Sales Data breaches

What is personal information under the CCPA?

Collibra

NOVEMBER 2, 2020

The California Consumer Privacy Act (CCPA) came into effect four years after the General Data Protection Regulation (GDPR) was adopted. Despite coming at the heels of the GDPR, the recent California privacy law promptly established and defined its own concepts around consumer-related data. . Geolocation data.

Privacy

Privacy Education Insurance GDPR

AUSTRALIA: One month to go – EU GDPR implications for Australian businesses

DLA Piper Privacy Matters

APRIL 26, 2018

We are now one month away from the historic enforcement of the EU General Data Protection Regulation ( GDPR ) and it is clear that there is still much to do by many Australian organisations to ensure compliance by the 25 May 2018 deadline.

GDPR

GDPR Compliance Personal data Privacy

California Enacts Broad Privacy Protections Modeled on GDPR

Data Matters

JUNE 29, 2018

According to the bill’s author, it was consciously designed to emulate the new European General Data Protection Regulation (GDPR) that went into effect on May 25, and if and when it goes into effect, it would constitute the broadest privacy law in the United States. Specific categories defined as personal information include.

GDPR

GDPR Privacy Sales Data breaches

GDPR compliance checklist

How to implement the General Data Protection Regulation (GDPR)

Trending Sources

Security Compliance & Data Privacy Regulations

How to Comply with GDPR, PIPL, and CCPA

Cloud Security Fundamentals: Understanding the Basics

Security Considerations for Data Lakes

IRELAND: First GDPR fine issued in Ireland

UK: First-Tier Tribunal considers first fine imposed by the ICO under the GDPR and slashes the amount by two thirds

GDPR: What’s the difference between personal data and sensitive data?

Top 7 Cloud Storage Security Issues & Risks (+ Mitigations)

GDPR Compliance Obligations: The relationship between Data Controllers and Third-Party Processors

The GDPR: Do you know the difference between personal data and sensitive data?

Germany: Bonn Regional Court overrules GDPR Fining Guidelines by German Data Protection Authorities

German DSK Issues GDPR Fining Methodology Guidelines

German DSK Issues GDPR Fining Methodology Guidelines

CIPL Submits Comments to European Commission on GDPR Two-Year Evaluation

ICO issue fine of £4.4 to Interserve for security failings

CCTV and the GDPR – an overview for small businesses

UK Information Commissioner issues letter on transfers of personal data to the U.S. Securities and Exchange Commission

GERMANY: Data Protection Authorities Issue GDPR Fining Guidelines

Data Privacy Day: Looking Back on the Privacy Events of 2020

GDPR – The Year in Review

6 tools to help you prevent and respond to data breaches

GDPR – the facts and what it means for the retail sector

How long do you have to report a data breach?

HMRC forced to delete 5 million voice records after GDPR gaffe

How long do you have to report a data breach?

A guide to the GDPR for insurance companies

Connecticut Strengthens Data Breach Notification Requirements and the Uniform Law Commission Approves and Recommends Comprehensive and Uniform State Privacy Legislation

Time to Take Notice: ICO to Impose Record Fine for Data Security Breach

EDPB Adopts Guidelines on Data Processing Through Video Devices

Government publishes consultation on post-Brexit data reforms

California Enacts Broad Privacy Laws Modeled on GDPR

California Privacy Law Overhaul – Proposition 24 Passes

Top 7 Cloud Security Posture Management (CSPM) Tools

10 Best CASB Security Vendors of 2022

China’s PIPL has finally arrived, and brings helpful clarification (rather than substantial change) to China’s data privacy framework

European Commission Adopts New Standard Contractual Clauses

Data integrity vs. data quality: Is there a difference?

California Consumer Privacy Act: The Challenge Ahead – A Comparison of 10 Key Aspects of The GDPR and The CCPA

California’s GDPR? Sweeping California Privacy Ballot Initiative Could Bring Sea Change to U.S. Privacy Regulation and Enforcement

What is personal information under the CCPA?

AUSTRALIA: One month to go – EU GDPR implications for Australian businesses

California Enacts Broad Privacy Protections Modeled on GDPR

Stay Connected