Document, Examples, Exercises and Security - Information Management Today

GDPR compliance checklist

IBM Big Data Hub

JANUARY 22, 2024

The only data processing activities exempt from the GDPR are national security or law enforcement activities and purely personal uses of data. Returning to a previous example, a company collecting phone numbers for marketing purposes would be a controller. Schools, hospitals and government agencies all fall under GDPR authority.

GDPR

GDPR Compliance Personal data Privacy

New SEC Cybersecurity Rules Could Affect Private Companies Too

eSecurity Planet

SEPTEMBER 23, 2022

Securities and Exchange Commission (SEC) strongly advised public companies to improve their cybersecurity. While the new security proposals have not yet become law, cybersecurity managers can begin to prepare metrics and audits that will not only help comply with those laws, but can also help create positive change now.

Cybersecurity

Cybersecurity Compliance Risk Communications

Colorado AG Publishes Draft Colorado Privacy Act Rules

Hunton Privacy

NOVEMBER 1, 2022

On October 1, 2022, the Colorado Attorney General’s Office submitted an initial draft of the Colorado Privacy Act Rules (“CPA Rules”), which will implement and enforce the Colorado Privacy Act (“CPA”). Below are key examples of topics addressed by the proposed regulations. Summary of Proposed Regulations. Authentication (Rule 4.08).

Privacy

Privacy Personal data Data collection Compliance

How to implement the General Data Protection Regulation (GDPR)

IBM Big Data Hub

FEBRUARY 23, 2024

The only processing operations exempt from the GDPR are national security and law enforcement activities and purely personal uses of data. For example, a business that collects user health data needs stronger protections than one that collects only email addresses.

GDPR

GDPR Compliance Personal data Privacy

How to Develop an Incident Response Plan

eSecurity Planet

DECEMBER 9, 2021

We make IT, security, or any business decision by weighing the risks and the rewards. Or as is often the case with security, what costs can we skip and still escape big penalties later? Document the incident response process as a plan. The building manager to handle threats to physical security at a specific office.

Insurance

Insurance Ransomware Data breaches Cloud

GDPR Compliance Obligations: The relationship between Data Controllers and Third-Party Processors

AIIM

JULY 24, 2018

Mitigate Data Privacy and Security Risks with Machine Learning. The Privacy and Security Dichotomy. The EU General Data Protection Regulation is a game changer , particularly enforcement of obligations to safeguard privacy rights. Clustering that categorizes documents based on their similarity and relationship.

GDPR

GDPR Compliance Privacy Data Privacy

EDPB Adopts Guidelines on Data Processing Through Video Devices

Hunton Privacy

JULY 26, 2019

Although the Guidelines provide examples of data processing for video surveillance, these examples are not exhaustive. In compliance with the accountability requirement of the GDPR, these purposes should be documented in writing and specified for every surveillance camera in use.

GDPR

GDPR Personal data Privacy Compliance

CCPA Marches On: California Attorney General Proposes Further Revisions to CCPA Regulations, Industry Pleads for Enforcement Delay Amid COVID-19 Crisis

Data Matters

APRIL 10, 2020

While the world seems to have ground to a halt in so many ways, time still marches on, and along with it, the California Consumer Privacy Act (“CCPA”) enforcement date (July 1, 2020) inches ever closer. However, the current framing does support a more simplified disclosure structure.

Privacy

Privacy Sales Insurance Compliance

A deeper dive into the new Standard Contractual Clauses

Data Protection Report

JUNE 7, 2021

The documentation published comprises both an Implementing Decision and an Annex setting out the New SCCs themselves. This is slightly more generous than the one year period proposed in the draft SCCs, but it will still mean a large repapering exercise in the coming months, which organisations should start preparing for.

Personal data

Personal data GDPR Data breaches Access

Europe: EDPB issues Recommendations on Supplementary Measures and European Essential Guarantees for surveillance measures following Schrems II

DLA Piper Privacy Matters

NOVEMBER 12, 2020

Both documents were adopted during the EDPB’s 41 st plenary session and are intended to be a follow-up to the Schrems II decision of the Court of Justice of the European Union (“ CJEU ”) earlier this year. Importantly the Recommendations are published as a draft document, and remain open for consultation until the end of November.

Paper

Paper Personal data Privacy Access

The Privacy Officers’ New Year’s Resolutions

Data Protection Report

JANUARY 6, 2020

Although the AG’s view was that the SCCs are valid, he suggested that those using them would need to examine the national security laws of the data importer’s jurisdiction to determine whether they can in fact comply with the terms of the SCCs. Data retention is a rising trend in GDPR enforcement. aka data and records retention).

Privacy

Privacy GDPR Data breaches Risk

When And How Cos. Should Address Cyber Legal Compliance

Data Matters

OCTOBER 30, 2017

Responsibility for corporate cybersecurity extends from the chief information security officer’s office, to the C-suite, to the corporate boardroom. Cyber Security Beyond Cybersecurity: CLGAs. To be sure, expectations of director-level engagement in and responsibility for managing cyber risks are growing. 1] The U.S.

Compliance

Compliance Cybersecurity Risk Government

The Privacy Officers’ New Year’s Resolutions

Data Protection Report

JANUARY 6, 2020

Although the AG’s view was that the SCCs are valid, he suggested that those using them would need to examine the national security laws of the data importer’s jurisdiction to determine whether they can in fact comply with the terms of the SCCs. Data retention is a rising trend in GDPR enforcement. aka data and records retention).

Privacy

Privacy GDPR Data breaches Risk

7 Best Email Security Software & Tools in 2023

eSecurity Planet

OCTOBER 6, 2023

That makes email security software a worthwhile investment for organizations of all sizes. We analyzed the market for email security tools and software to arrive at this list of 7 top email security solutions, including their standout features, limitations and ideal use cases, followed by issues prospective buyers should consider.

Security

Security Phishing Compliance Cybersecurity

GDPR is upon us: are you ready for what comes next?

Data Protection Report

MAY 23, 2018

We have shared below some interesting points that we’ve seen arising recently, all of which relate to how things are likely to develop from today onwards, including enforcement predictions, challenges related to operationalizing data subject access procedures, and how the GDPR may change the data privacy litigation landscape in Europe.

GDPR

GDPR Personal data Compliance Data breaches

California Consumer Privacy Act: The Challenge Ahead – A Comparison of 10 Key Aspects of The GDPR and The CCPA

HL Chronicle of Data Protection

OCTOBER 3, 2018

Among other things, the GDPR requires that controllers notify data subjects about the purposes for which personal data will be processed, the legal basis for processing, the categories of entities who may receive the personal data, the retention period for personal data, and the data subjects’ rights. 1. Geographic Scope.

GDPR

GDPR Privacy Personal data Sales

California Consumer Privacy Act: The Challenge Ahead – A Comparison of 10 Key Aspects of The GDPR and The CCPA

HL Chronicle of Data Protection

OCTOBER 3, 2018

Among other things, the GDPR requires that controllers notify data subjects about the purposes for which personal data will be processed, the legal basis for processing, the categories of entities who may receive the personal data, the retention period for personal data, and the data subjects’ rights. 1. Geographic Scope.

GDPR

GDPR Privacy Personal data Sales

California Consumer Privacy Act: The Challenge Ahead – A Comparison of 10 Key Aspects of The GDPR and The CCPA

HL Chronicle of Data Protection

OCTOBER 3, 2018

Among other things, the GDPR requires that controllers notify data subjects about the purposes for which personal data will be processed, the legal basis for processing, the categories of entities who may receive the personal data, the retention period for personal data, and the data subjects’ rights. 1. Geographic Scope.

GDPR

GDPR Privacy Personal data Sales

Network Security Architecture: Best Practices & Tools

eSecurity Planet

APRIL 26, 2024

Network security architecture is a strategy that provides formal processes to design robust and secure networks. Effective implementation improves data throughput, system reliability, and overall security for any organization. Network Elements Networks connect physical and virtual assets and control the data flow between them.

Security

Security Cloud Cybersecurity Risk

Regulatory Update: NAIC Summer 2020 National Meeting

Data Matters

SEPTEMBER 3, 2020

Annuity Suitability Working Group Drafting FAQ Document to Facilitate Uniformity in State Adoption of Revised Suitability in Annuity Transactions Model Regulation. A draft of the FAQ document was exposed for a 30-day comment period to seek feedback regarding whether additional topics should be included in the document.

Insurance

Insurance Paper Artificial Intelligence Big data

The Burden of Privacy In Discovery

Data Matters

SEPTEMBER 29, 2021

Although these proportionality factors began as an integral part of the definition of the scope of discovery, for more than two decades these limitations resided in a separate subsection of the Rule, resulting in considerable confusion and less-than-rigorous enforcement. For example, in John B.

Privacy

Privacy e-Discovery Computer and Electronics e-Delivery

California Privacy Protection Agency Officially Commences CPRA Rulemaking Process

Hunton Privacy

JULY 8, 2022

Below are key examples of topics the proposed regulations address. Additionally, a business may only collect PI categories that are disclosed via notice at the time of collection. To do so, a business may consider the nature of the PI, how it was obtained, and documentation related to the accuracy of the PI.

Privacy

Privacy Sales Compliance Access

The debate on the Data Protection Bill in the House of Lords

Data Protector

OCTOBER 11, 2017

Where the Information Commissioner gives notices to data controllers, she can now secure compliance, with the power to issue substantial administrative penalties of up to 4% of global turnover. We think that this super-complainant system would help to protect anonymity and create a stronger enforcement framework.

GDPR

GDPR Personal data Government IT

Mic Drop: California AG releases long-awaited CCPA Rulemaking

Data Protection Report

OCTOBER 11, 2019

The proposed rules shed light on how the California AG is interpreting and will be enforcing key sections of the CCPA. For example, “Household” is defined as “a person or group of people occupying a single dwelling” (999.301(h)). The rules are not final. 999.305(d)).

Sales

Sales Retail Privacy Access

The ICO Updates Its Data Sharing Code of Practice

HL Chronicle of Data Protection

AUGUST 5, 2019

The Code mainly covers data sharing by private organisations subject to the GDPR and Part 2 of the DPA, but it also includes a specific section on data sharing under the Law Enforcement regime (Part 3 of the DPA). Are data sharing agreements required under the GDPR? What are the points a data sharing agreement should address?

GDPR

GDPR IT Personal data Compliance

The Hacker Mind Podcast: Hacking Real World Criminals Online

ForAllSecure

MAY 2, 2023

VAMOSI: Once the classified documents were found online, there was an effort -- both by law enforcement and by the media -- to identify the leaker. It turns out some of the classified documents were photographed on a marble countertop, like in a kitchen countertop. That’s understandable, given his age. They could.

IT

IT Sales Security Honeypots

East Coast Meets West Coast: Enter the Virginia Consumer Data Protection Act

Data Matters

MARCH 4, 2021

establish, implement, and maintain reasonable administrative, technical, and physical data security practices to protect the confidentiality, integrity, and accessibility of personal data, appropriate to the volume and nature of the personal data at issue. the categories of personal data that the controller shares with third parties, if any.

Personal data

Personal data GDPR Sales Privacy

AI and the Evolution of Social Media

Schneier on Security

MARCH 19, 2024

Microsoft cultivated proprietary document formats for years to keep you using its flagship Office product. In extreme examples, some people have formed close, perhaps even familial, bonds with AI chatbots. Additionally, governments can enforce existing regulations on advertising.

Artificial Intelligence

Artificial Intelligence Marketing Risk Government

Key takeaways for the private sector from The Bridges v South Wales police facial recognition case

Data Protection Report

AUGUST 27, 2020

The High Court should have reached a conclusion about whether SWP had an “appropriate policy document ” in place, as is required under section 35 of the UK Data Protection Act 2018. For example, regular reviews, oversight mechanisms and clear (and narrow) criteria setting out when and where AFT may be used.

Risk

Risk Retail IT GDPR

Information Management Today

GDPR compliance checklist

New SEC Cybersecurity Rules Could Affect Private Companies Too

Trending Sources

Colorado AG Publishes Draft Colorado Privacy Act Rules

How to implement the General Data Protection Regulation (GDPR)

How to Develop an Incident Response Plan

GDPR Compliance Obligations: The relationship between Data Controllers and Third-Party Processors

EDPB Adopts Guidelines on Data Processing Through Video Devices

CCPA Marches On: California Attorney General Proposes Further Revisions to CCPA Regulations, Industry Pleads for Enforcement Delay Amid COVID-19 Crisis

A deeper dive into the new Standard Contractual Clauses

Europe: EDPB issues Recommendations on Supplementary Measures and European Essential Guarantees for surveillance measures following Schrems II

The Privacy Officers’ New Year’s Resolutions

When And How Cos. Should Address Cyber Legal Compliance

The Privacy Officers’ New Year’s Resolutions

7 Best Email Security Software & Tools in 2023

GDPR is upon us: are you ready for what comes next?

California Consumer Privacy Act: The Challenge Ahead – A Comparison of 10 Key Aspects of The GDPR and The CCPA

California Consumer Privacy Act: The Challenge Ahead – A Comparison of 10 Key Aspects of The GDPR and The CCPA

California Consumer Privacy Act: The Challenge Ahead – A Comparison of 10 Key Aspects of The GDPR and The CCPA

Network Security Architecture: Best Practices & Tools

Regulatory Update: NAIC Summer 2020 National Meeting

The Burden of Privacy In Discovery

California Privacy Protection Agency Officially Commences CPRA Rulemaking Process

The debate on the Data Protection Bill in the House of Lords

Mic Drop: California AG releases long-awaited CCPA Rulemaking

The ICO Updates Its Data Sharing Code of Practice

The Hacker Mind Podcast: Hacking Real World Criminals Online

East Coast Meets West Coast: Enter the Virginia Consumer Data Protection Act

AI and the Evolution of Social Media

Key takeaways for the private sector from The Bridges v South Wales police facial recognition case

Stay Connected