Document, Examples, Exercises and Government - Information Management Today

GDPR compliance checklist

IBM Big Data Hub

JANUARY 22, 2024

The General Data Protection Regulation (GDPR) is a European Union (EU) law that governs how organizations collect and use personal data. Schools, hospitals and government agencies all fall under GDPR authority. Returning to a previous example, a company collecting phone numbers for marketing purposes would be a controller.

GDPR

GDPR Compliance Personal data Privacy

New SEC Cybersecurity Rules Could Affect Private Companies Too

eSecurity Planet

SEPTEMBER 23, 2022

Those changes enforced independent financial auditing of companies and required every board of directors to retain at least one financial expert to ensure the board of directors understands those independent audits. See the top Governance, Risk & Compliance (GRC) tools. SOX: Consequences. Proposed SEC Security Changes.

Cybersecurity

Cybersecurity Compliance Risk Communications

The Impact of Data Protection Laws on Your Records Retention Schedule

ARMA International

APRIL 18, 2022

The purpose of this article is to remove the fear and intimidation of domestic and global data protection laws and show how these laws and requirements are consistent with the existing objectives of your records retention schedule and information governance policy. Definition and Purpose of a Records Retention Schedule.

Personal data

Personal data GDPR Privacy Records Management

Webinars

Generative AI Deep Dive: Advancing from Proof of Concept to Production

MORE WEBINARS

How to implement the General Data Protection Regulation (GDPR)

IBM Big Data Hub

FEBRUARY 23, 2024

The only processing operations exempt from the GDPR are national security and law enforcement activities and purely personal uses of data. For example, a business that collects user health data needs stronger protections than one that collects only email addresses. For a full list of approved legal bases, see the GDPR compliance page.

GDPR

GDPR Compliance Personal data Privacy

GDPR Compliance Obligations: The relationship between Data Controllers and Third-Party Processors

AIIM

JULY 24, 2018

The EU General Data Protection Regulation is a game changer , particularly enforcement of obligations to safeguard privacy rights. Article 28 lays out the obligation requirements that govern the relationship between data controllers and processors. Clustering that categorizes documents based on their similarity and relationship.

GDPR

GDPR Compliance Privacy Data Privacy

Network Security Architecture: Best Practices & Tools

eSecurity Planet

APRIL 26, 2024

Network security policy management (NSPM): Centralizes control and management of policies to be enforced across network firewalls, routers, and other equipment. Cloud security posture management (CSPM): Finds gaps and misconfigurations, secures access, and enforces compliance policies in deployed cloud environments. behind the proxy.

Security

Security Cloud Cybersecurity Risk

CCPA Marches On: California Attorney General Proposes Further Revisions to CCPA Regulations, Industry Pleads for Enforcement Delay Amid COVID-19 Crisis

Data Matters

APRIL 10, 2020

While the world seems to have ground to a halt in so many ways, time still marches on, and along with it, the California Consumer Privacy Act (“CCPA”) enforcement date (July 1, 2020) inches ever closer. However, the current framing does support a more simplified disclosure structure.

Privacy

Privacy Sales Insurance Compliance

Considerations on embedding the new standard contractual clauses in IT contracts

DLA Piper Privacy Matters

AUGUST 3, 2021

Before Schrems II, the “old” SCCs were routinely included in IT contracts without actually considering thoroughly the interplay between those old SCCs and the IT agreement as such, for example, in case of suspension or termination of the data transfers, as such suspension or termination did not happen in practice.

IT

IT Personal data Compliance Risk

Europe: EDPB issues Recommendations on Supplementary Measures and European Essential Guarantees for surveillance measures following Schrems II

DLA Piper Privacy Matters

NOVEMBER 12, 2020

Both documents were adopted during the EDPB’s 41 st plenary session and are intended to be a follow-up to the Schrems II decision of the Court of Justice of the European Union (“ CJEU ”) earlier this year. Importantly the Recommendations are published as a draft document, and remain open for consultation until the end of November.

Paper

Paper Personal data Privacy Access

AI and the Evolution of Social Media

Schneier on Security

MARCH 19, 2024

Microsoft cultivated proprietary document formats for years to keep you using its flagship Office product. In extreme examples, some people have formed close, perhaps even familial, bonds with AI chatbots. And the government has applied virtually no regulation toward those ends.

Artificial Intelligence

Artificial Intelligence Marketing Risk Government

When And How Cos. Should Address Cyber Legal Compliance

Data Matters

OCTOBER 30, 2017

They can, however, engage in probing internal due diligence of their companies’ cyber governance and compliance posture before it is too late — that is, before a cyber event occurs. Company boards, CEOs and general counsels cannot, of course, categorically prevent either breaches or rumors. 1] The U.S.

Compliance

Compliance Cybersecurity Risk Government

The Privacy Officers’ New Year’s Resolutions

Data Protection Report

JANUARY 6, 2020

In the UK, the Information Commissioner’s Office (ICO) has been very outspoken on the ad tech industry’s use of special category personal data and onwards data sharing without explicit consent. Data retention is a rising trend in GDPR enforcement. aka data and records retention). The Berlin regulator imposed a whopping EUR14.5m

Privacy

Privacy GDPR Data breaches Risk

FRANCE : THE CNIL ADOPTS REVISED GUIDELINES AND FINAL RECOMMENDATIONS ON COOKIES AND OTHER TRACKERS

DLA Piper Privacy Matters

OCTOBER 6, 2020

These two documents constitute “soft law” and are not binding, but provide strong references for organizations to anticipate how the CNIL may conduct its compliance investigations. and (iii) recorded by data controllers, for an appropriate duration during which they would not ask the users again for their consent.

GDPR

GDPR Communications Access Data collection

The debate on the Data Protection Bill in the House of Lords

Data Protector

OCTOBER 11, 2017

Banks must still be allowed to process data to prevent fraud; regulators must still be allowed to process data to investigate malpractice and corruption; sports governing bodies must be allowed to process data to keep the cheats out; and journalists must still be able to investigate scandal and malpractice. change it substantially.

GDPR

GDPR Personal data Government IT

Key takeaways for the private sector from The Bridges v South Wales police facial recognition case

Data Protection Report

AUGUST 27, 2020

The High Court should have reached a conclusion about whether SWP had an “appropriate policy document ” in place, as is required under section 35 of the UK Data Protection Act 2018. Those using AFT in the private sector should therefore consider creating internal rules governing the use of AFT.

Risk

Risk Retail IT GDPR

East Coast Meets West Coast: Enter the Virginia Consumer Data Protection Act

Data Matters

MARCH 4, 2021

These are (i) government entities; (ii) entities subject to the Gramm-Leach-Bliley Act; (iii) entities subject to the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and Health Information Technology for Economic and Clinical Health Act; (iv) nonprofits; and (v) institutions of higher education. Entity exemptions.

Personal data

Personal data GDPR Sales Privacy

The Privacy Officers’ New Year’s Resolutions

Data Protection Report

JANUARY 6, 2020

In the UK, the Information Commissioner’s Office (ICO) has been very outspoken on the ad tech industry’s use of special category personal data and onwards data sharing without explicit consent. Data retention is a rising trend in GDPR enforcement. aka data and records retention). The Berlin regulator imposed a whopping EUR14.5m

Privacy

Privacy GDPR Data breaches Risk

The Burden of Privacy In Discovery

Data Matters

SEPTEMBER 29, 2021

Although these proportionality factors began as an integral part of the definition of the scope of discovery, for more than two decades these limitations resided in a separate subsection of the Rule, resulting in considerable confusion and less-than-rigorous enforcement. For example, in John B.

Privacy

Privacy e-Discovery Computer and Electronics e-Delivery

The ICO Updates Its Data Sharing Code of Practice

HL Chronicle of Data Protection

AUGUST 5, 2019

The Code mainly covers data sharing by private organisations subject to the GDPR and Part 2 of the DPA, but it also includes a specific section on data sharing under the Law Enforcement regime (Part 3 of the DPA). Are data sharing agreements required under the GDPR? What are the points a data sharing agreement should address?

GDPR

GDPR IT Personal data Compliance

California Consumer Privacy Act: The Challenge Ahead – A Comparison of 10 Key Aspects of The GDPR and The CCPA

HL Chronicle of Data Protection

OCTOBER 3, 2018

Among other things, the GDPR requires that controllers notify data subjects about the purposes for which personal data will be processed, the legal basis for processing, the categories of entities who may receive the personal data, the retention period for personal data, and the data subjects’ rights. 1. Geographic Scope.

GDPR

GDPR Privacy Personal data Sales

California Consumer Privacy Act: The Challenge Ahead – A Comparison of 10 Key Aspects of The GDPR and The CCPA

HL Chronicle of Data Protection

OCTOBER 3, 2018

Among other things, the GDPR requires that controllers notify data subjects about the purposes for which personal data will be processed, the legal basis for processing, the categories of entities who may receive the personal data, the retention period for personal data, and the data subjects’ rights. 1. Geographic Scope.

GDPR

GDPR Privacy Personal data Sales

California Consumer Privacy Act: The Challenge Ahead – A Comparison of 10 Key Aspects of The GDPR and The CCPA

HL Chronicle of Data Protection

OCTOBER 3, 2018

Among other things, the GDPR requires that controllers notify data subjects about the purposes for which personal data will be processed, the legal basis for processing, the categories of entities who may receive the personal data, the retention period for personal data, and the data subjects’ rights. 1. Geographic Scope.

GDPR

GDPR Privacy Personal data Sales

Mic Drop: California AG releases long-awaited CCPA Rulemaking

Data Protection Report

OCTOBER 11, 2019

The proposed rules shed light on how the California AG is interpreting and will be enforcing key sections of the CCPA. For example, “Household” is defined as “a person or group of people occupying a single dwelling” (999.301(h)). The rules are not final. 999.305(d)).

Sales

Sales Retail Privacy Access

Regulatory Update: NAIC Summer 2020 National Meeting

Data Matters

SEPTEMBER 3, 2020

Annuity Suitability Working Group Drafting FAQ Document to Facilitate Uniformity in State Adoption of Revised Suitability in Annuity Transactions Model Regulation. A draft of the FAQ document was exposed for a 30-day comment period to seek feedback regarding whether additional topics should be included in the document.

Insurance

Insurance Paper Artificial Intelligence Big data

The Hacker Mind Podcast: Hacking Real World Criminals Online

ForAllSecure

MAY 2, 2023

VAMOSI: Once the classified documents were found online, there was an effort -- both by law enforcement and by the media -- to identify the leaker. It turns out some of the classified documents were photographed on a marble countertop, like in a kitchen countertop. That’s understandable, given his age. They could.

IT

IT Sales Security Honeypots

Information Management Today

GDPR compliance checklist

New SEC Cybersecurity Rules Could Affect Private Companies Too

Webinars

Trending Sources

The Impact of Data Protection Laws on Your Records Retention Schedule

Webinars

How to implement the General Data Protection Regulation (GDPR)

GDPR Compliance Obligations: The relationship between Data Controllers and Third-Party Processors

Network Security Architecture: Best Practices & Tools

CCPA Marches On: California Attorney General Proposes Further Revisions to CCPA Regulations, Industry Pleads for Enforcement Delay Amid COVID-19 Crisis

Considerations on embedding the new standard contractual clauses in IT contracts

Europe: EDPB issues Recommendations on Supplementary Measures and European Essential Guarantees for surveillance measures following Schrems II

AI and the Evolution of Social Media

When And How Cos. Should Address Cyber Legal Compliance

The Privacy Officers’ New Year’s Resolutions

FRANCE : THE CNIL ADOPTS REVISED GUIDELINES AND FINAL RECOMMENDATIONS ON COOKIES AND OTHER TRACKERS

The debate on the Data Protection Bill in the House of Lords

Key takeaways for the private sector from The Bridges v South Wales police facial recognition case

East Coast Meets West Coast: Enter the Virginia Consumer Data Protection Act

The Privacy Officers’ New Year’s Resolutions

The Burden of Privacy In Discovery

The ICO Updates Its Data Sharing Code of Practice

California Consumer Privacy Act: The Challenge Ahead – A Comparison of 10 Key Aspects of The GDPR and The CCPA

California Consumer Privacy Act: The Challenge Ahead – A Comparison of 10 Key Aspects of The GDPR and The CCPA

California Consumer Privacy Act: The Challenge Ahead – A Comparison of 10 Key Aspects of The GDPR and The CCPA

Mic Drop: California AG releases long-awaited CCPA Rulemaking

Regulatory Update: NAIC Summer 2020 National Meeting

The Hacker Mind Podcast: Hacking Real World Criminals Online

Stay Connected