Data Matters

JUNE 13, 2022

More than ever, a ‘joined up’ approach is required to assess them, and the UK’s main regulators are working together to try to formulate a coherent policy, setting an interesting example that could be a template for global approaches to digital regulation. This can result in difficulties in people exercising their rights (e.g.,

Paper 97

Paper Communications Risk Marketing 97

eSecurity Planet

SEPTEMBER 23, 2022

Also read: Security Compliance & Data Privacy Regulations. For example, in the Enron financial fraud, executives and board members claimed ignorance or that they could not understand the financial maneuvering of Enron’s CFO (chief financial officer). SEC cybersecurity policies preparation. SOX: A Template of Success.

Cybersecurity 111

Cybersecurity Compliance Risk Communications 111

IT Governance

OCTOBER 3, 2019

You must tell people when you’re collecting their personal information to give them the opportunity to exercise their data subject rights. If you’re using CCTV to monitor employees, you should also explain in your privacy policy that they are being recorded. What’s the difference between a privacy policy and privacy notice?

GDPR 110

GDPR Privacy Retail Personal data 110

IBM Big Data Hub

JANUARY 22, 2024

The law outlines a set of data privacy rights for users and a series of principles for the processing of personal data. Subjects need not be EU citizens to have data privacy rights under the GDPR. Returning to a previous example, a company collecting phone numbers for marketing purposes would be a controller.

GDPR 90

GDPR Compliance Personal data Privacy 90

John Battelle's Searchblog

APRIL 19, 2020

The company then updated its privacy policies , bowing to criticism that it might leverage user data in a manner similar to Google and Facebook (more on that below). For the past 18 months, that study has focused on the terms of service and privacy policies of the Big Four. You can find our initial findings here.

Privacy 115

Privacy Data collection Marketing Communications 115

Thales Cloud Protection & Licensing

AUGUST 15, 2019

375 the California Consumer Privacy Act (CCPA), making California the first U.S. state to pass its own data privacy law. For example, data collected by an entity may not be associated with an individual but could identify a household. On June 28, 2018 the governor of California Jerry Brown signed into law with Assembly Bill No.

Privacy 92

Privacy GDPR Digital transformation Sales 92

Hunton Privacy

MARCH 11, 2019

On March 5, 2019, the Global Privacy Enforcement Network (“GPEN”), a global network of more than 60 data protection authorities (“DPAs”) around the world, published the results of its 2018 intelligence gathering operation on organizations’ data privacy accountability practices (the “Sweep”).

Privacy 74

Privacy Data Privacy GDPR Personal data 74

Data Matters

NOVEMBER 16, 2020

If you operate in Singapore, handle Singapore data, or maintain a server in Singapore, it is crucial that you have protocols in place to guide employees on what to do when a data breach occurs and consider doing a data breach tabletop exercise. (We Carry out data breach drills or tabletop exercises.

Data Privacy 68

Data Privacy Privacy Data breaches Personal data 68

AIIM

MAY 12, 2022

Widespread, Years-Long Recordkeeping Failures – Policies in Place, But No Oversight. In one example highlighted by the SEC, a managing director used a personal device to communicate about securities matters. JPMS maintained policies and procedures designed to ensure the retention of business-related records.

Communications 115

Communications Information governance Compliance Government 115

IT Governance

FEBRUARY 28, 2018

Privacy by design is a voluntary approach to projects that promotes privacy and data protection compliance, and helps you comply with the Data Protection Act 1998 (DPA). Privacy by design and the GDPR. Existing data is used for new purposes. The upcoming EU General Data Protection Regulation (GDPR) will supersede the DPA.

Privacy 68

Privacy GDPR Personal data Compliance 68

HL Chronicle of Data Protection

MARCH 5, 2020

Some relevant examples include, but are not limited to: Companies sending emails to clients mentioned in their listing; NGOs delivering mail to a list of subscribers to inform them on a new campaign; and. Fulfilment of Transparency Obligations and making sure that Data Subjects can exercise their rights. Right to Object.

Marketing 59

Marketing GDPR Personal data Healthcare 59

Hunton Privacy

MARCH 29, 2023

On Monday, March 27, 2023, the Centre for Information Policy Leadership (CIPL) at Hunton Andrews Kurth submitted a response to the California Privacy Protection Agency (CPPA)’s Invitation for Preliminary Comments on Proposed Rulemaking for cybersecurity audits, risk assessments and automated decisionmaking.

Risk 58

Risk Personal data Cybersecurity Compliance 58

Data Matters

SEPTEMBER 30, 2020

Privacy Shield as a basis for transferring EU personal data to the United States because of the Court’s view that U.S. national security law did not provide equivalent privacy protections to those available in the EU. While not opining on EU law, the Paper seeks to “provide a detailed discussion” of “privacy protections in current U.S.

Paper 128

Paper Government Security Privacy 128

IT Governance

JUNE 13, 2019

This essentially means that you must consider privacy and information security risks at the outset of all projects that involve personal data. In this blog, we explain how data protection by design and by default works, and provide examples of the steps you should take to achieve it. Examples of data protection by design.

GDPR 90

GDPR Personal data Compliance Privacy 90

Collibra

MARCH 12, 2020

Collibra recently partnered with Kelle O’Neal, CEO of First San Francisco Partners (FSFP), to host a joint webinar “ Meeting the CCPA Challenge ” about the complexities of the California Consumer Protection Act (CCPA) for the International Association of Privacy Professionals (IAPP). Competition is fierce. Right to equal service.

Data Privacy 59

Data Privacy Privacy Government Compliance 59

Collibra

DECEMBER 30, 2020

CCPA stands for California Consumers Privacy Act (2018), intended to enhance privacy rights and consumer protection for residents of California, United States. . Businesses are required to give consumers notice explaining their privacy practices and not discriminate against consumers for exercising their rights under the CCPA.

Compliance 59

Compliance Sales Privacy Data Privacy 59

ARMA International

APRIL 18, 2022

The purpose of this article is to remove the fear and intimidation of domestic and global data protection laws and show how these laws and requirements are consistent with the existing objectives of your records retention schedule and information governance policy. 4 Consumer Protection Privacy Act. 6 Colorado Privacy Act.

Personal data 100

Personal data GDPR Privacy Records Management 100

DLA Piper Privacy Matters

NOVEMBER 29, 2021

The DPO must be invited to strategic meetings and requested to provide advice on all processing where his/her intervention or presence must be systematic, notably in case of evolution of processing, conduct of a data protection impact assessment(“DPIA”), revision of existing privacy policies or drafting of new policies, data breaches etc.

GDPR 116

GDPR Compliance Personal data Communications 116

Data Matters

JULY 8, 2019

Ensuring that a company is properly prepared for and responds to privacy and cyber security threats is a key corporate governance responsibility for directors and senior officers. Carry out a gap assessment of existing cyber security policies and procedures against information security regulatory requirements in the EU, US and elsewhere.

GDPR 74

GDPR Privacy Data breaches Risk 74

Data Matters

OCTOBER 22, 2019

In the summer of 2018, the California Legislature drafted and passed the California Consumer Privacy Act (CCPA) in record time. Businesses, consumer advocates, and privacy watchers thus have been eagerly waiting for over a year for the Attorney General to propose the regulations the CCPA requires him to promulgate.

Privacy 60

Privacy Sales Paper Compliance 60

Hunton Privacy

JULY 14, 2020

On July 8, 2020, the Centre for Information Policy Leadership (“CIPL”) at Hunton Andrews Kurth submitted its White Paper (the “Paper”) as input for the European Data Protection Board’s (the “EDPB”) future guidelines on data subject rights (“DSRs”) (the “Guidelines”). The Paper also provides recommendations relating to specific DSRs.

Paper 108

Paper GDPR Education Access 108

IT Governance

MAY 28, 2019

Whether the panic and stress that accompanied the compliance deadline feels like a distant memory or still gives you nightmares, your data protection and privacy posture is something that shouldn’t be in your rear-view mirror. It could be a simple tick-box exercise, with the unchecked steps forming the gaps that need to be addressed.

GDPR 72

GDPR Compliance Personal data Risk 72

Data Matters

APRIL 10, 2020

While the world seems to have ground to a halt in so many ways, time still marches on, and along with it, the California Consumer Privacy Act (“CCPA”) enforcement date (July 1, 2020) inches ever closer. Restoration of privacy policy disclosures (§ 999.308). Guidance on user-enabled global privacy controls (§ 999.315).

Privacy 68

Privacy Sales Insurance Compliance 68

DLA Piper Privacy Matters

OCTOBER 7, 2021

For example, an unlawful transfer of personal data outside of KSA can result in a criminal conviction and imprisonment. The PDPL is a law that applies on a national level and so, unlike other KSA sector specific laws dealing with privacy laws to date, the PDPL will apply to all sectors (with certain possible exceptions, discussed below).

Personal data 96

Personal data Compliance Computer and Electronics IoT 96

Data Matters

JUNE 11, 2020

Accordingly, we suggest best practices with respect to the design and implementation of policies and procedures relating to the treatment of MNPI. 2 Just based on purported policies and procedures violations, and without any finding that insider trading occurred, the adviser was censured and paid a significant civil money penalty.

Risk 76

Risk Compliance Access IT 76

Hunton Privacy

MAY 15, 2018

On May 14, 2018, the Centre for Information Policy Leadership (“CIPL”) at Hunton Andrews Kurth LLP published a study on how the ePrivacy Regulation will affect the design and user experiences of digital services (the “Study”).

Privacy 53

Privacy Personal data Communications Risk 53

Data Protection Report

JANUARY 6, 2020

The Court of Justice of the European Union (CJEU) will determine the validity of the EU Standard Contractual Clauses (SCCs) ( Data Protection Commissioner v Facebook Ireland Limited, Maximillan Schrems ) whilst the General Court of the EU will consider the future of Privacy Shield (La Quadrature du Net v Commission). In the U.S.,

Privacy 84

Privacy GDPR Data breaches Risk 84

Data Matters

JANUARY 3, 2019

These include, for example, insurers, investment service companies and providers of information society services. Digital Rights: the LOPDGDD introduces a number of new digital rights for individuals which go beyond those provided in the GDPR e.g., the right to privacy and use of digital devices in the workplace.

GDPR 68

GDPR Personal data Privacy Insurance 68

Armstrong Archives

AUGUST 25, 2023

The Health Insurance Portability and Accountability Act (HIPAA) ensures individuals’ health data protection and privacy. It’s all about creating the perfect balance between optimal medical services while upholding patient privacy. This breach of privacy could harm the patient and cause consequences for the hospital.

Computer and Electronics 52

Computer and Electronics Insurance Compliance Risk 52

Gimmal

JUNE 10, 2022

At the same time, you had a couple of other trends, the first of which is privacy and things like CCPA and GDPR that turned the burden of proof on information governance on its head. Read more: Status and Progress of Privacy Compliance in the U.S. IT teams, and more specifically, legal teams, need to mitigate and manage that risk.

Information governance 52

Information governance Government Privacy Risk 52

Data Matters

JUNE 29, 2018

Jerry Brown signed into law the California Consumer Privacy Act of 2018 (AB 375). This legislation was enacted on an extraordinarily accelerated timeframe as part of compromise with the sponsor of a comparable privacy ballot initiative, which had qualified to be placed before state voters on Election Day in November 2018.

GDPR 79

GDPR Privacy Sales Data breaches 79

eSecurity Planet

DECEMBER 9, 2021

For example, we might nominate: The IT security manager to handle a ransomware incident; Our external accountant to investigate financial fraud; or. Creating a written incident response policy or checklist will similarly help staff dealing with the stress of an incident so that no basic steps will be overlooked. Document contingencies.

Insurance 121

Insurance Ransomware Data breaches Cloud 121

IT Governance

SEPTEMBER 8, 2021

Organisations that adopted hybrid working during the pandemic have had to adjust many policies and processes, but one that they may have overlooked is their CIR (cyber incident response) plan. They might, for example, need to approve additional actions or adjust the plan depending on the organisation’s ability to complete certain actions.

Communications 126

Communications Risk Education Compliance 126

Hunton Privacy

FEBRUARY 25, 2020

With this Recommendation, the Belgian DPA aims to clarify the complex rules relating to the processing of personal data for direct marketing purposes, including by providing practical examples and guidelines to the different stakeholders involved in direct marketing activities. Purchase , Rental and Enrichment of Personal Data.

Marketing 109

Marketing Personal data GDPR Communications 109

ARMA International

JULY 17, 2023

Helpfully they can be neatly divided into the challenges of offboarding, and those of onboarding—and firms should have policies, systems, processes, and procedures for both. So, caution should be exercised. Management of offboarding The bad news is that offboarding is the sticky end of the lollipop.

Information governance 52

Information governance Government Risk IT 52

IT Governance

MAY 7, 2019

DPOs need to work with staff to answer data protection questions, monitor the organisation’s data protection policies and procedures, and, of course, have expert knowledge of the GDPR (General Data Protection Regulation). It’s only through practical exercises that DPOs can learn to bridge that gap. Interested in a DPO masterclass?

GDPR 63

GDPR Data breaches Compliance Privacy 63

Collibra

MAY 5, 2020

Many of the new headlines warn the public about the dangers the digital world places on our privacy. If a company uses data unethically and privacy is compromised, the public will know about it. Privacy concerns hinder the excitement over the downpour of data. Why is data governance important to data privacy?

Data Privacy 66

Data Privacy Government Privacy Compliance 66