Remove tag privacy-policy
Remove Data Remove Information Security Remove Security
article thumbnail

$10,000,000 civil penalty for disclosing personal data without consent

Data Protection Report

The claims related to the company’s sharing personal data without consumer consent and making it very difficult for consumers to cancel their subscriptions to this telehealth service. The order also requires that the company destroy personal data for which it had not received consent and to create a document retention and destruction policy.

article thumbnail

UK ICO Issues Enforcement Notice and Warning to UK Home Office

Hunton Privacy

On March 1, 2024, the UK Information Commissioner’s Office (“ICO”) announced that it had issued an enforcement notice and a warning to the UK Home Office for failing to sufficiently assess the privacy risks posed by the electronic monitoring of people arriving in the UK via unauthorized means.

Privacy 61
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Guest Post -- GDPR Compliance starts with Data Discovery

AIIM

This is the seventh post in a series on privacy by Andrew Pery. You might also be interested in: Mitigate Data Privacy and Security Risks with Machine Learning. The Privacy and Security Dichotomy. GDPR and Cross Border Data Flows between the EU and the US: Current State of the Law.

GDPR 108
article thumbnail

Newly Proposed SEC Cybersecurity Risk Management and Governance Rules and Amendments for Public Companies

Data Matters

Securities and Exchange Commission (SEC) proposed new cybersecurity rules to enhance and standardize disclosures regarding cybersecurity risk management, strategy, governance, and incident reporting by public companies. an incident in which a malicious actor has demanded payment to restore company data that was stolen or altered.

article thumbnail

Italian Garante Publishes Updated Guidelines on Cookies and Other Tracking Technologies

Hunton Privacy

Laura Liguori of Portolano Cavallo reports that on June 10, 2021, the Italian Data Protection Authority ( Garante or “DPA”) adopted a new version of its guidelines for cookies and other tracking mechanisms (the “Guidelines”). Multilayer Policy: Banners and Unabridged Policy. Obtaining Consent: Scrolling and Cookie Walls.

GDPR 98
article thumbnail

SEC Proposes Cybersecurity Rules for Public Companies

Hunton Privacy

On March 9, 2022, the Securities and Exchange Commission (“SEC”) held an open meeting and proposed new cybersecurity disclosure rules for public companies by a 3-1 vote. Whether the company has remediated or is currently remediating the incident. Failure to file a timely Form 8-K under Item 1.05

article thumbnail

Historic Charges: First Enforcement Action Filed by New York Department of Financial Services Under Cybersecurity Regulation

Data Matters

The Regulation requires that Covered Entities establish and maintain a cybersecurity program designed to protect the confidentiality, integrity, and availability of its information systems and its customers’ NPI as defined in 23 NYCRR §§ 500.01(e) e) and 500.01(g), g), respectively.