Examples, Exercises, GDPR and Security - Information Management Today

GDPR compliance checklist

IBM Big Data Hub

JANUARY 22, 2024

The General Data Protection Regulation (GDPR) is a European Union (EU) law that governs how organizations collect and use personal data. Any company operating in the EU or handling EU residents’ data must adhere to GDPR requirements. However, GDPR compliance is not necessarily a straightforward matter.

GDPR

GDPR Compliance Personal data Privacy

How to implement the General Data Protection Regulation (GDPR)

IBM Big Data Hub

FEBRUARY 23, 2024

The General Data Protection Regulation (GDPR), the European Union’s landmark data privacy law, took effect in 2018. Even the world’s biggest businesses are not free from GDPR woes. Many businesses find it hard to implement GDPR requirements because the law is not only complex but also leaves a lot up to discretion.

GDPR

GDPR Compliance Personal data Privacy

Does your use of CCTV comply with the GDPR?

IT Governance

OCTOBER 3, 2019

You might be surprised to learn that CCTV footage is subject to the GDPR (General Data Protection Regulation). Let’s take a look at the steps you should follow to ensure your video surveillance methods are GDPR-compliant. Let’s take a look at the steps you should follow to ensure your video surveillance methods are GDPR-compliant.

GDPR

GDPR Privacy Retail Personal data

Webinars

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

MORE WEBINARS

UK ICO issues largest ever GDPR privacy fine of £183m ($228m)

Data Matters

JULY 8, 2019

Today we saw the ICO issue a notice of its intention to fine British Airways £183.39m for infringements of the GDPR – a record fine and the largest seen in the UK and the EU. This action by the ICO demonstrates that they are prepared to enforce the GDPR and levy significant fines.

GDPR

GDPR Privacy Data breaches Risk

GUEST ESSAY: Top 5 cyber exposures tied to the rising use of international remote workforces

The Last Watchdog

AUGUST 23, 2021

With many employees now working remotely, securing company data isn’t as straightforward as it used to be. International workforces can be an excellent way to find top talent, but they can introduce unique security risks. Countries have different data security laws, and these can get in the way of one another.

Communications

Communications Cybersecurity GDPR Risk

GDPR Compliance Obligations: The relationship between Data Controllers and Third-Party Processors

AIIM

JULY 24, 2018

You might also be interested in: The Re-Permissioning Dilemma Under GDPR. Data Privacy and Open Data: Secondary Uses under GDPR. Three Critical Steps for GDPR Compliance. Mitigate Data Privacy and Security Risks with Machine Learning. The Privacy and Security Dichotomy. GDPR Compliance Starts with Data Discovery.

GDPR

GDPR Compliance Privacy Data Privacy

German DSK Issues GDPR Fining Methodology Guidelines

Data Matters

DECEMBER 9, 2019

Recently, the Association of German Data Protection Authorities (“ Datenschutzkonferenz ” or “DSK”) issued guidelines setting a GDPR fining methodology (“Fining Methodology”). GDPR enforcement across the EU has picked up over the past year. The involvement of an entity is triggered when it exercises ‘decisive influence’.

GDPR

GDPR Personal data Privacy Manufacturing

German DSK Issues GDPR Fining Methodology Guidelines

Data Matters

DECEMBER 9, 2019

Recently, the Association of German Data Protection Authorities (“ Datenschutzkonferenz ” or “DSK”) issued guidelines setting a GDPR fining methodology (“Fining Methodology”). GDPR enforcement across the EU has picked up over the past year. The involvement of an entity is triggered when it exercises ‘decisive influence’.

GDPR

GDPR Personal data Privacy Manufacturing

EDPB Publishes Guidelines on the Concepts of Controller and Processor in the GDPR

Hunton Privacy

SEPTEMBER 10, 2020

On September 7, 2020, the European Data Protection Board (“EDPB”) released draft Guidelines 07/2020 on the concepts of controller and processor in the EU General Data Protection Regulation (“GDPR”) (the “Guidelines”). However, the GDPR has introduced new obligations on those actors.

GDPR

GDPR Personal data Data breaches Compliance

Data Protection: Where’s the Brexit Privacy Dividend?

Data Protector

AUGUST 17, 2020

If the EU’s ‘level data protection playing field’ means continuing to fully implement all aspects of European data protection law, including all aspects of the two-year-old General Data Protection Regulation (GDPR), then what was the point of Brexit? The GDPR has had a profound impact on many organisations.

Privacy

Privacy GDPR Personal data Computer and Electronics

Is your organisation equipped for long-term GDPR compliance?

IT Governance

MAY 28, 2019

Last week, the GDPR (General Data Protection Regulation) turned one year old. GDPR compliance is an ongoing process and should be embedded by design in your data protection practices. The GDPR is as broad as possible when it comes to the security measures that organisations should implement.

GDPR

GDPR Compliance Personal data Risk

Driving GDPR Compliance

Collibra

FEBRUARY 25, 2021

The General Data Protection Regulation (GDPR) mandates businesses to make provisions for EU citizens to exercise their right to access and control their personal data, including the export of personal data outside the EU. But hurriedly planning for the GDPR is not the solution. Six phases of GDPR compliance.

GDPR

GDPR Compliance Personal data Data Privacy

How to write a GDPR-compliant data subject access request procedure

IT Governance

MARCH 20, 2018

In the lead up to May, it is important your organisation prioritises steps to prove that you are making an effort to comply with the EU General Data Protection Regulation (GDPR). D ata subject access request procedures under the GDPR. What is a data subject access request?

GDPR

GDPR Access Personal data Compliance

How to write a GDPR-compliant data subject access request procedure – with template

IT Governance

NOVEMBER 8, 2018

This blog was originally published before the GDPR took effect in May 2018. This blog explains how to write a GDPR-compliant DSAR (data subject access request) procedure to ensure you meet your obligations as a data controller. Data subject access request procedures under the GDPR. Updated X November 2018.

GDPR

GDPR Access Personal data Compliance

10 key areas to identify gaps in your GDPR compliance

IT Governance

APRIL 12, 2018

Compliance with the EU General Data Protection Regulation (GDPR) should be a priority for all EU organisations, and non-EU organisations that monitor the behaviour or offer goods and services to EU residents. The GDPR is far more extensive in scope and application than the current Data Protection Act.

GDPR

GDPR Compliance Personal data Risk

How to comply with Article 30 of the GDPR

IT Governance

JUNE 21, 2018

Article 30 of the EU General Data Protection Regulation (GDPR) sets out what exactly organisations need to document in order to comply with the Regulation. You might be surprised at how often your information is copied or transferred, which is why the GDPR makes it such a top priority. What does Article 30 require? Formats (e.g.

GDPR

GDPR Personal data Risk Cloud

Where does data flow mapping fit into your GDPR compliance project?

IT Governance

MAY 9, 2018

A data flow map should be one of the first things your organisation produces as you prepare for the EU General Data Protection Regulation (GDPR). You might be surprised at how often your information is copied or transferred, which is why the GDPR makes it such a top priority. Where to begin? names, email addresses, records).

GDPR

GDPR Compliance Personal data Paper

CNIL Publishes Six Step Methodology and Tools to Prepare for GDPR

Hunton Privacy

MARCH 17, 2017

On March 15, 2017, the French data protection authority (the “CNIL”) published a six step methodology and tools for businesses to prepare for the EU General Data Protection Regulation (“GDPR”) that will become applicable on May 25, 2018. This will allow them to be one step ahead and better organized to comply with the upcoming GDPR.

GDPR

GDPR Personal data Compliance Privacy

Avoiding, Managing And Responding To Cyber Incidents

Data Protection Report

NOVEMBER 2, 2023

Regulated firms remain responsible for any data that they outsource and, in line with this, they must exercise appropriate oversight of any outsourcing – firms may want to consider, for example, what would happen if there was an issue, including whether back-up is adequate and if they would receive appropriate information if something did go wrong.

GDPR

GDPR Risk Cybersecurity Compliance

Article 29 Working Party Publishes Guidance on Consent Under the GDPR

Hunton Privacy

DECEMBER 15, 2017

Recently, the EU’s Article 29 Working Party (the “Working Party”) adopted guidelines (the “Guidance”) on the meaning of consent under the EU General Data Protection Regulation (“GDPR”). The Guidance provides further detail on what is necessary to ensure that consent satisfies the requirements of the GDPR: Freely given.

GDPR

GDPR Personal data Risk Compliance

California Enacts Broad Privacy Laws Modeled on GDPR

Data Matters

JUNE 29, 2018

According to the bill’s author, it was consciously designed to emulate the new European General Data Protection Regulation (GDPR) that went into effect on May 25, and if and when it goes into effect, it would constitute the broadest privacy law in the United States. law, consumers and the marketplace have been comfortable with to date.

GDPR

GDPR Privacy Sales Data breaches

EDPB Releases Opinion on Interplay Between the ePrivacy Directive and the GDPR and a Statement on the ePrivacy Regulation

Hunton Privacy

MARCH 19, 2019

On March 12, 2019, the European Data Protection Board (“EDPB”) adopted an opinion on the interplay between the EU Directive on Privacy and Electronic Communications (“the ePrivacy Directive”) and the General Data Protection Regulation (“GDPR”) (the “Opinion”). Interplay between the ePrivacy Directive and the GDPR.

GDPR

GDPR Personal data Communications Government

GDPR is upon us: are you ready for what comes next?

Data Protection Report

MAY 23, 2018

The wait is finally over—this Friday the European Union General Data Protection Regulation (GDPR) will come into force. However, the challenges of GDPR certainly don’t end on the date this law goes into implementation. Many of our clients ask us when and how they may be called upon to demonstrate compliance with the GDPR.

GDPR

GDPR Personal data Compliance Data breaches

5 best online cyber security training courses and certifications in 2020

IT Governance

APRIL 20, 2020

With the coronavirus pandemic keeping us stuck inside and struggling to find ways to remain productive, now might be the perfect time to take an online cyber security training course. Let’s take a look at five of the best online courses for cyber security. Certified Cyber Security Foundation Training Course.

Security

Security GDPR Phishing Data breaches

What is data protection by design and default

IT Governance

JUNE 13, 2019

If your organisation is subject to the GDPR (General Data Protection Regulation) , you’re probably aware of your requirement to “implement appropriate technical and organisational measures” to protect the personal data you hold. Data protection by design and by default has been recommended good practice since long before the GDPR took effect.

GDPR

GDPR Personal data Compliance Privacy

France: The CNIL publishes a practical guide on Data Protection Officers

DLA Piper Privacy Matters

NOVEMBER 29, 2021

The guide is in line with the Article 29 Working Party Guidelines on Data Protection Officers (WP 243 rev 01) , but provides additional insights and practical guidance to organizations that designate a DPO in respect of GDPR and French data protection act requirements. Be the point of contact on GDPR issues.

GDPR

GDPR Compliance Personal data Communications

What is ‘privacy by design’?

IT Governance

FEBRUARY 28, 2018

Privacy by design and the GDPR. The upcoming EU General Data Protection Regulation (GDPR) will supersede the DPA. Article 25 of the GDPR, “[d]ata protection by design and default”, requires you to “implement appropriate technical and organisational measures” throughout your data processing project.

Privacy

Privacy GDPR Personal data Compliance

U.S. Government White Paper to Help Companies Address the EU’s National Security Concerns in Schrems II

Data Matters

SEPTEMBER 30, 2020

national security law did not provide equivalent privacy protections to those available in the EU. national security law protects EU personal data. Given the detail set forth in the Paper, and the CJEU’s silence regarding any actual comparison of the relative national security safeguards of the U.S. agencies is compelling.

Paper

Paper Government Security Privacy

A deeper dive into the new Standard Contractual Clauses

Data Protection Report

JUNE 7, 2021

In particular, the New SCCs now helpfully provide for processor-to-processor transfers; (b) give the clauses a GDPR ‘face lift’, including to update cross references to legislation and to ensure alignment with the requirements of the GDPR; and. (c) Article 4 of Implementing Decision ). Module 1, clause 8.5(e) Module 1, clauses 8.5;

Personal data

Personal data GDPR Data breaches Access

UAE: Federal level data protection law enacted

DLA Piper Privacy Matters

DECEMBER 3, 2021

Reassuringly, the PDPL does not contain any major divergences from other well-known data protection regimes, including the GDPR. The requirements regarding keeping data secure, and new data breach obligations, will definitely up the ante for businesses in the UAE to take cyber security seriously.

Personal data

Personal data Data breaches GDPR Compliance

California Consumer Privacy Act: The Challenge Ahead – A Comparison of 10 Key Aspects of The GDPR and The CCPA

HL Chronicle of Data Protection

OCTOBER 3, 2018

As the most comprehensive privacy law to be enacted in the United States thus far, the California Consumer Privacy Act (CCPA) has inevitably invited comparisons to the European Union’s General Data Protection Regulation (GDPR). The GDPR and CCPA take different approaches to defining the types of entities that must comply with the law.

GDPR

GDPR Privacy Personal data Sales

California Enacts Broad Privacy Protections Modeled on GDPR

Data Matters

JUNE 29, 2018

According to the bill’s author, it was consciously designed to emulate the new European General Data Protection Regulation (GDPR) that went into effect on May 25, and if and when it goes into effect, it would constitute the broadest privacy law in the United States. law, consumers and the marketplace have been comfortable with to date.

GDPR

GDPR Privacy Sales Data breaches

2022 Cyber Security Review of the Year

IT Governance

DECEMBER 20, 2022

Although there have still been a few surprises, with the death of Queen Elizabeth II and blazing heatwaves across the UK to name but two, it was a familiar year in the cyber security landscape. Meanwhile, GDPR (General Data Protection Regulation) enforcement continues apace. million) fine for twelve breaches of the GDPR.

Security

Security Data breaches Ransomware Military

One week into GDPR – what you need to know

Data Protection Report

JUNE 4, 2018

Websites go dark, complaints are filed within an hour, European Commission suffers an embarrassing data leak, and the US Commerce Secretary warns about the unintended trade impact of the law – all in the first week of the GDPR. billion – roughly 4 percent of each company’s revenue for 2017, the maximum penalty allowed under the GDPR.

GDPR

GDPR Compliance Personal data Privacy

Free resources to help you prevent and respond to data breaches

IT Governance

SEPTEMBER 20, 2018

The situation might seem hopeless, with cyber criminals outnumbering overworked and underfunded information security personnel, but there are plenty of ways you can improve your defences, even on a tight budget. GDPR webinars : The GDPR has been described as the most significant change to data protection rules in decades.

Data breaches

Data breaches GDPR Security awareness Paper

CNIL’s New Guidelines on HR Processing

HL Chronicle of Data Protection

APRIL 21, 2020

When the GDPR became effective, the CNIL’s previous set of HR Data guidelines became out of date as they did not incorporate the new law’s requirements ( e.g. obligations relating to records of processing activities and Data Protection Impact Assessments).

Personal data

Personal data GDPR Big data Compliance

How to prepare for the California Consumer Privacy Act

Thales Cloud Protection & Licensing

AUGUST 15, 2019

1, 2020, grants to the state’s over 40 million people a range of rights comparable to the rights given to European citizens with the General Data Protection Regulation (GDPR)–the two legislations are not that similar, but they do share some general features, GDPR is an omnibus law, while CCPA is more limited.

Privacy

Privacy GDPR Digital transformation Sales

Schrems II judgement due in July – what this might mean for your outsourcing deal

Data Protection Report

JUNE 17, 2020

The opinion suggested that parties using the SCCs need to make an assessment of whether the national security, communication and surveillance laws of the country of the data importer are “essentially equivalent” to those in the EU, i.e. they respects privacy rights and freedoms, provide effective remedies, etc.

Personal data

Personal data Communications Access GDPR

What is the Data Protection Act 2018?

IT Governance

MARCH 11, 2019

In the run-up to the GDPR (General Data Protection Regulation) , experts repeatedly described the law as the successor to the UK’s DPA (Data Protection Act) 1998. But that was somewhat misleading, because the same day the GDPR came into force, the UK adopted the DPA 2018. Lastly, it modifies the GDPR in several ways. Wait… what?

GDPR

GDPR Personal data Compliance Government

California Consumer Privacy Act: The Challenge Ahead – A Comparison of 10 Key Aspects of The GDPR and The CCPA

HL Chronicle of Data Protection

OCTOBER 3, 2018

As the most comprehensive privacy law to be enacted in the United States thus far, the California Consumer Privacy Act (CCPA) has inevitably invited comparisons to the European Union’s General Data Protection Regulation (GDPR). The GDPR and CCPA take different approaches to defining the types of entities that must comply with the law.

GDPR

GDPR Privacy Personal data Sales

California Consumer Privacy Act: The Challenge Ahead – A Comparison of 10 Key Aspects of The GDPR and The CCPA

HL Chronicle of Data Protection

OCTOBER 3, 2018

As the most comprehensive privacy law to be enacted in the United States thus far, the California Consumer Privacy Act (CCPA) has inevitably invited comparisons to the European Union’s General Data Protection Regulation (GDPR). The GDPR and CCPA take different approaches to defining the types of entities that must comply with the law.

GDPR

GDPR Privacy Personal data Sales

EU Regulatory Data Protection: A first appraisal of the European Commission’s proposal for a ‘Data Act’

DLA Piper Privacy Matters

FEBRUARY 23, 2022

This means that the Data Act would further regulate personal data in addition to the GDPR. It would also extend certain GDPR-like obligations to non-personal data, such as data portability and data transfer restrictions for non-personal data, as well as introduce completely new rules.

GDPR

GDPR Personal data IoT Access

Belgian DPA Publishes Guidance on Temperature Checks for COVID-19 Monitoring

Hunton Privacy

JUNE 9, 2020

However, the simple reading of individuals’ temperatures without recording any data does not constitute a processing activity under the EU General Data Protection Regulation (“GDPR”) and is therefore allowed from a data protection standpoint.

GDPR

GDPR Personal data Access IT

Processing of riders’ personal data ? The Italian Data Protection Authority sanctions a food delivery company

Privacy and Cybersecurity Law

JULY 26, 2021

The Company was found guilty of infringing the following provisions of Regulation EU 2016/679 (“ GDPR ”): Information provided to the riders pursuant to Article 13 of the GDPR. The Company was also charged with the violation of Articles 5(1)(c) and 25 of the GDPR. Security measures in place. Retention period.

Personal data

Personal data GDPR e-Delivery Communications

GDPR compliance checklist

How to implement the General Data Protection Regulation (GDPR)

Webinars

Trending Sources

Does your use of CCTV comply with the GDPR?

Webinars

UK ICO issues largest ever GDPR privacy fine of £183m ($228m)

GUEST ESSAY: Top 5 cyber exposures tied to the rising use of international remote workforces

GDPR Compliance Obligations: The relationship between Data Controllers and Third-Party Processors

German DSK Issues GDPR Fining Methodology Guidelines

German DSK Issues GDPR Fining Methodology Guidelines

EDPB Publishes Guidelines on the Concepts of Controller and Processor in the GDPR

Data Protection: Where’s the Brexit Privacy Dividend?

Is your organisation equipped for long-term GDPR compliance?

Driving GDPR Compliance

How to write a GDPR-compliant data subject access request procedure

How to write a GDPR-compliant data subject access request procedure – with template

10 key areas to identify gaps in your GDPR compliance

How to comply with Article 30 of the GDPR

Where does data flow mapping fit into your GDPR compliance project?

CNIL Publishes Six Step Methodology and Tools to Prepare for GDPR

Avoiding, Managing And Responding To Cyber Incidents

Article 29 Working Party Publishes Guidance on Consent Under the GDPR

California Enacts Broad Privacy Laws Modeled on GDPR

EDPB Releases Opinion on Interplay Between the ePrivacy Directive and the GDPR and a Statement on the ePrivacy Regulation

GDPR is upon us: are you ready for what comes next?

5 best online cyber security training courses and certifications in 2020

What is data protection by design and default

France: The CNIL publishes a practical guide on Data Protection Officers

What is ‘privacy by design’?

U.S. Government White Paper to Help Companies Address the EU’s National Security Concerns in Schrems II

A deeper dive into the new Standard Contractual Clauses

UAE: Federal level data protection law enacted

California Consumer Privacy Act: The Challenge Ahead – A Comparison of 10 Key Aspects of The GDPR and The CCPA

California Enacts Broad Privacy Protections Modeled on GDPR

2022 Cyber Security Review of the Year

One week into GDPR – what you need to know

Free resources to help you prevent and respond to data breaches

CNIL’s New Guidelines on HR Processing

How to prepare for the California Consumer Privacy Act

Schrems II judgement due in July – what this might mean for your outsourcing deal

What is the Data Protection Act 2018?

California Consumer Privacy Act: The Challenge Ahead – A Comparison of 10 Key Aspects of The GDPR and The CCPA

California Consumer Privacy Act: The Challenge Ahead – A Comparison of 10 Key Aspects of The GDPR and The CCPA

EU Regulatory Data Protection: A first appraisal of the European Commission’s proposal for a ‘Data Act’

Belgian DPA Publishes Guidance on Temperature Checks for COVID-19 Monitoring

Processing of riders’ personal data ? The Italian Data Protection Authority sanctions a food delivery company

Stay Connected