Events, Information Security and Personal data - Information Management Today

China Releases National Standard on Personal Information Security

Hunton Privacy

JANUARY 26, 2018

On January 25, 2018, the Standardization Administration of China published the full text of the Information Security Technology – Personal Information Security Specification (the “Specification”). The use of personal information must not go beyond the purpose stated when collecting it.

Information Security

Information Security Security Privacy Personal data

How to implement the General Data Protection Regulation (GDPR)

IBM Big Data Hub

FEBRUARY 23, 2024

The GDPR puts forth a litany of rules for how organizations in and outside of Europe handle the personal data of EU residents. The details of any organization’s plan to become fully GDPR compliant will vary based on the data the organization collects and what it does with that data.

GDPR

GDPR Compliance Personal data Privacy

Join 55,000+

Insiders

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Webinars

Generative AI Deep Dive: Advancing from Proof of Concept to Production

MORE WEBINARS

Trending Sources

China Releases Draft Regulations on Network Data Security Management

Hunton Privacy

JANUARY 26, 2022

The definition of “data handler” under the Draft Regulations is similar to that of “data controller” in other privacy laws, such as the EU General Data Protection Regulation (“GDPR”). Data Breach. Records Retention When Transferring Data to Third Parties. Cybersecurity Review.

Security

Security Data breaches Personal data Cybersecurity

Webinars

Generative AI Deep Dive: Advancing from Proof of Concept to Production

MORE WEBINARS

France: The CNIL publishes a practical guide on Data Protection Officers

DLA Piper Privacy Matters

NOVEMBER 29, 2021

Provide information and advice. The CNIL provides practical advice to the management and the operational staff who process personal data, in order to ensure that such processing is carried out in compliance with the applicable data protections laws. The DPO is the key contact for the CNIL and data subjects.

GDPR

GDPR Compliance Personal data Communications

Dutch DPA Updates Policy on Administrative Fines

Hunton Privacy

MARCH 26, 2019

The Dutch DPA divided qualifying infringements into three or four categories. It assigned each category a specific penalty bandwidth ( i.e. , a range between a minimum fine and a maximum fine), as well as a basic fine. In certain cases, the Dutch DPA may also consider the financial situation of the data controller or processor.

GDPR

GDPR Personal data Authentication Compliance

Why risk assessments are essential for GDPR compliance

IT Governance

OCTOBER 15, 2019

However, the GDPR is clear that data is also vulnerable to accidental or unlawful destruction, loss or disclosure. The ways in which these could happen need to be identified at every stage of the data handling process. GDPR: What’s the difference between personal data and sensitive data? Get started with vsRisk.

GDPR

GDPR Risk Compliance Personal data

European Commission Proposes Revised Standard Contractual Clauses

Data Matters

NOVEMBER 13, 2020

The publication of the EC’s Draft comes just one day after the European Data Protection Board (EDPB) published its draft recommendations describing how controllers and processors transferring personal data outside the European Economic Area (EEA) may comply with the Schrems II ruling.

Personal data

Personal data GDPR Privacy Compliance

Guest Post - Three Critical Steps for GDPR Compliance

AIIM

JANUARY 17, 2018

Notification processes in the event of personal data breach. Subject to specific circumstances data controllers and processors may be required to conduct a privacy impact assessment. There is some uncertainty as to the conditions that necessitate the need for a privacy impact assessment.

GDPR

GDPR Compliance Data collection Privacy

European Commission Publishes Draft Data Governance Act

Hunton Privacy

DECEMBER 2, 2020

“Data” under the Data Governance Act means any digital representation of acts, facts or information and any compilation of the same, including in the form of sound, visual or audiovisual recording. Below are some key takeaways from the draft Data Governance Act: Re-Use of Protected Data by Public Sector Authorities.

Government

Government Personal data Compliance GDPR

Article 29 Working Party Published Guidelines on Transparency under the GDPR

Hunton Privacy

DECEMBER 20, 2017

The transparency obligations require controllers to provide certain information to data subjects regarding the processing of their personal data. The Working Party also clarifies that all categories of information to be provided pursuant to Articles 13 and 14 of the GDPR are of equal importance.

GDPR

GDPR Personal data Privacy Communications

California Privacy Law Overhaul – Proposition 24 Passes

Data Matters

NOVEMBER 4, 2020

Third, it creates a new category of businesses: those that voluntarily agree to be subject to the CCPA. Entities must annually buy sell, or share personal information of 100,000 consumers, not 50,000 as under the CCPA, to qualify as a business under the second prong of the test. New Rights for Sensitive Personal Information.

Privacy

Privacy B2B Sales Data breaches

Data Protection and Privacy Commissioners Issue Global Connected Car Guidance

Hunton Privacy

OCTOBER 5, 2017

Last week, at the 39th International Conference of Data Protection and Privacy Commissioners in Hong Kong, data protection authorities from around the world issued non-binding guidance on the processing of personal data collected by connected cars (the “Guidance”).

Privacy

Privacy Personal data Data collection Data Privacy

GDPR Compliance Obligations: The relationship between Data Controllers and Third-Party Processors

AIIM

JULY 24, 2018

For example, under GDPR data subjects and/or regulators may now pursue direct remedies against data processors in the event of infringement of obligations, whereas such remedies did not exist under the prior data privacy regulation.

GDPR

GDPR Compliance Privacy Data Privacy

A 6-step guide to surviving data breaches

IT Governance

FEBRUARY 1, 2019

Follow our advice to successfully manage risks and respond to a variety of information security incidents. Under the GDPR (General Data Protection Regulation) , organisations have 72 hours from the moment they become aware of a breach to report the incident. Assess the affected data. But do you know what would be worse?

Data breaches

Data breaches GDPR Personal data Compliance

CNIL Publishes Six Step Methodology and Tools to Prepare for GDPR

Hunton Privacy

MARCH 17, 2017

know where the data is being transferred and to whom, where it is hosted and for how long it’s retained. This prioritization must be carried out, taking into consideration the risks to the rights and freedoms of the data subjects. verifying the data security measures implemented. Step 5: Organizing Internal Processes.

GDPR

GDPR Personal data Compliance Privacy

State Activity on Privacy: Vermont Is First to Regulate Data Brokers

Data Matters

JUNE 11, 2018

Washington State notably adopted a law on net neutrality and there is the prospect of a ballot initiative in California that would give individuals the right to know which categories of their or their children’s personal data have been collected or traded by businesses. The law will go into effect on January 1, 2019.

Privacy

Privacy Sales Data breaches Personal data

China’s PIPL has finally arrived, and brings helpful clarification (rather than substantial change) to China’s data privacy framework

DLA Piper Privacy Matters

AUGUST 23, 2021

Instead the PIPL is a robust data privacy framework designed to safeguard individuals’ personal data against abuse, but at the same time to reflect cultural and business attitudes to data in China, as well as new technologies (including advances in AI, biometrics and data analytics), and to enable flows of personal data.

Data Privacy

Data Privacy Privacy Compliance Analytics

Final Rules for the Data Privacy Act Published in the Philippines

Hunton Privacy

SEPTEMBER 13, 2016

Some points of interest that have been resolved or finalized include the following: The IRR has two separate defined terms, “personal data” and “personal information,” but the potential discrepancy between the two terms has been resolved. This definition no longer appears in the final IRR.

Data Privacy

Data Privacy Privacy Personal data Data breaches

Ensure you’re #BreachReady in the media sector

IT Governance

JULY 26, 2018

It’s imperative that you’re equipped to handle a data breach correctly, swiftly and decisively. Data breach example. Timehop kick-started the digital nostalgia category across social media and continues to reinvent reminiscent behaviour online. The GDPR places stricter time pressures on organisations to report a data breach.

Data breaches

Data breaches GDPR Personal data Government

When And How Cos. Should Address Cyber Legal Compliance

Data Matters

OCTOBER 30, 2017

They can, however, engage in probing internal due diligence of their companies’ cyber governance and compliance posture before it is too late — that is, before a cyber event occurs. Responsibility for corporate cybersecurity extends from the chief information security officer’s office, to the C-suite, to the corporate boardroom.

Compliance

Compliance Cybersecurity Risk Government

India Drafts New Privacy Regulations

Hunton Privacy

MAY 18, 2011

On April 11, 2011, India adopted new privacy regulations, known as the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011 (the “Rules”). It must be processed only for the purpose for which it was collected.

Privacy

Privacy Personal data Data collection Compliance

Majority of CCPA Amendment Bills Passed by California Legislature

Hunton Privacy

SEPTEMBER 16, 2019

Section 145(g) would not apply to § 1798.100(b) of the CCPA, which provides that “a business that collect’s a consumer’s personal information shall, at or before the point of collection, inform consumers as to the categories of personal information to be collected and the purposes for which the categories of personal information shall be used.

Sales

Sales B2B Communications Data breaches

Article 29 Working Party Adopts Opinion on Cloud Computing

Hunton Privacy

JULY 4, 2012

Cloud providers (as data processors): Cloud providers must ensure the confidentiality of the personal data they handle, and they must comply with the requirements of Article 17 of the EU Data Protection Directive 95/46/EC (the “Data Protection Directive”) when providing the cloud services.

Cloud

Cloud Compliance Personal data Risk

Provisions on the Governance of Network Information Content Ecology Goes Into Effect in China

Hunton Privacy

MARCH 3, 2020

The Provisions govern China’s network information content ecology—including content producers (the “Producers”), content service platforms (the “Platforms”), content service users (the “Users”), industry organizations and Departments of Cyberspace Administration at all levels. Network Information Content – Categories of Information.

Government

Government Content services Marketing Privacy

China Releases National Standard on Personal Information Security

How to implement the General Data Protection Regulation (GDPR)

Webinars

Trending Sources

China Releases Draft Regulations on Network Data Security Management

Webinars

France: The CNIL publishes a practical guide on Data Protection Officers

Dutch DPA Updates Policy on Administrative Fines

Why risk assessments are essential for GDPR compliance

European Commission Proposes Revised Standard Contractual Clauses

Guest Post - Three Critical Steps for GDPR Compliance

European Commission Publishes Draft Data Governance Act

Article 29 Working Party Published Guidelines on Transparency under the GDPR

California Privacy Law Overhaul – Proposition 24 Passes

Data Protection and Privacy Commissioners Issue Global Connected Car Guidance

GDPR Compliance Obligations: The relationship between Data Controllers and Third-Party Processors

A 6-step guide to surviving data breaches

CNIL Publishes Six Step Methodology and Tools to Prepare for GDPR

State Activity on Privacy: Vermont Is First to Regulate Data Brokers

China’s PIPL has finally arrived, and brings helpful clarification (rather than substantial change) to China’s data privacy framework

Final Rules for the Data Privacy Act Published in the Philippines

Ensure you’re #BreachReady in the media sector

When And How Cos. Should Address Cyber Legal Compliance

India Drafts New Privacy Regulations

Majority of CCPA Amendment Bills Passed by California Legislature

Article 29 Working Party Adopts Opinion on Cloud Computing

Provisions on the Governance of Network Information Content Ecology Goes Into Effect in China

Stay Connected