Hunton Privacy

MARCH 10, 2021

On March 2, 2021, the Centre for Information Policy Leadership (“CIPL”) at Hunton Andrews Kurth submitted its response to the European Data Protection Board (“EDPB”) consultation on draft guidelines on examples regarding data breach notification (the “Guidelines”). The Guidelines were adopted on January 14, 2021 for public consultation.

Data breaches 96

Data breaches GDPR Personal data Risk 96

AIIM

JUNE 26, 2018

Now that the EU General Data Protection Regulation (GDPR) is in force organizations are ramping up their efforts to re-fresh data subject consent obtained prior to GDPR and under the EU Data Protection Directive 95/46/EC by virtue of which opt-out, or implied consent was permissible. Furthermore, the.

GDPR 107

GDPR Privacy Marketing Sales 107

IT Governance

JULY 2, 2020

What is the GDPR? Second, organisations must implement security measures to protect personal data from being breached or misused, and they must disclose any security incidents involving this data. First, the UK has implemented the UK DPA (Data Protection Act) 2018 , which adopts the GDPR into national law.

GDPR 111

GDPR Personal data Data breaches Compliance 111

Security Affairs

JANUARY 18, 2021

fine under GDPR against the online laptop and electronic goods retailer NBB for video-monitoring employees. million fine under the GDPR against an online laptop and electronic goods retailer NBB’s (notebooksbilliger.de) for video-monitoring employees for at least a couple of years. .” SecurityAffairs – hacking, GDPR).

Retail 112

Retail GDPR Sales Privacy 112

IT Governance

MARCH 6, 2019

The GDPR (General Data Protection Regulation) isn’t only about preventing data breaches (it’s equally focused on strengthening data subjects’ rights), but organisations have understandably honed in on the importance of effective data protection. What the GDPR says about reducing risk. ISO 27001 and the GDPR.

Information Security 90

Information Security GDPR Data breaches Compliance 90

IT Governance

FEBRUARY 22, 2022

Information security management is a way of protecting an organisation’s sensitive data from threats and vulnerabilities. The process is typically embedded via an ISMS (information security management system) , which provides the framework for managing information security. Why is information security management important?

Information Security 138

Information Security Security Data breaches Risk 138

IT Governance

OCTOBER 3, 2019

You might be surprised to learn that CCTV footage is subject to the GDPR (General Data Protection Regulation). Let’s take a look at the steps you should follow to ensure your video surveillance methods are GDPR-compliant. Let’s take a look at the steps you should follow to ensure your video surveillance methods are GDPR-compliant.

GDPR 110

GDPR Privacy Retail Personal data 110

AIIM

SEPTEMBER 12, 2018

You might also be interested in: The Re-Permissioning Dilemma Under GDPR. Data Privacy and Open Data: Secondary Uses under GDPR. Three Critical Steps for GDPR Compliance. Mitigate Data Privacy and Security Risks with Machine Learning. The Privacy and Security Dichotomy. GDPR Compliance Starts with Data Discovery.

GDPR 91

GDPR Government Information governance Compliance 91

Data Matters

SEPTEMBER 18, 2020

On 2 September 2020, the European Data Protection Board ( EDPB ) published draft guidelines on the concepts of controller and processor under the GDPR ( Draft Guidelines ). The Draft Guidelines provide further examples of what such essential and non-essential processing may entail. The Draft Guidelines consist of two parts.

GDPR 97

GDPR Personal data Compliance Access 97

IT Governance

AUGUST 21, 2019

The GDPR (General Data Protection Regulation) hasn’t exactly crept up unnoticed over the past year or so, but it’s still caught many organisations by surprise. Meanwhile, although the specifics of Brexit are still unclear, one thing is certain: whatever happens, UK-based organisations will be subject to the GDPR’s requirements.

GDPR 86

GDPR Compliance Personal data Access 86

Krebs on Security

DECEMBER 6, 2023

ICANN made the policy change in response to the General Data Protection Regulation (GDPR), a law enacted by the European Parliament that requires companies to gain affirmative consent for any personal information they collect on people within the European Union. The RDRS portal.

Phishing 223

Phishing GDPR Personal data Communications 223

AIIM

AUGUST 8, 2018

The GDPR’s May 25, 2018 deadline set in motion a mad compliance and security scramble not only for European companies, but also for any company doing business in Europe or with European customers. We just published a new market research report on GDPR. How do they assess their progress in meeting the core requirements of GDPR?

GDPR 83

GDPR Compliance Digital preservation Artificial Intelligence 83

IT Governance

SEPTEMBER 17, 2019

We have good news for those looking for help complying with the GDPR (General Data Protection Regulation) : new guidance has been released on how to create effective data privacy controls. ISO 27701 and ISO 27001: privacy vs security. ISO 27701 and the GDPR. However, they aren’t identical.

Data Privacy 92

Data Privacy GDPR Compliance Privacy 92

AIIM

AUGUST 8, 2018

The GDPR’s May 25, 2018 deadline set in motion a mad compliance and security scramble not only for European companies, but also for any company doing business in Europe or with European customers. We just published a new market research report on GDPR. How do they assess their progress in meeting the core requirements of GDPR?

GDPR 80

GDPR Compliance Digital preservation Artificial Intelligence 80

Hunton Privacy

SEPTEMBER 10, 2020

On September 7, 2020, the European Data Protection Board (“EDPB”) released draft Guidelines 07/2020 on the concepts of controller and processor in the EU General Data Protection Regulation (“GDPR”) (the “Guidelines”). However, the GDPR has introduced new obligations on those actors.

GDPR 95

GDPR Personal data Data breaches Compliance 95

IT Governance

NOVEMBER 7, 2019

All organisations need help complying with the GDPR (General Data Protection Regulation). Let’s take a look at what it covers and how it simplifies your GDPR requirements. vsRisk Cloud , for conducting information security risk assessments. vsRisk Cloud , for conducting information security risk assessments.

GDPR 84

GDPR Compliance Risk Cloud 84

KnowBe4

SEPTEMBER 10, 2019

The California Consumer Privacy Act (CCPA) was introduced just a month after the European Union instituted the General Data Protection Regulation (GDPR), earning the CCPA the nickname of “California’s GDPR.”. While the GDPR has been in effect since May of 2018, the CCPA is on track to become effective on January 1, 2020.

GDPR 73

GDPR Privacy Personal data Passwords 73

IT Governance

JULY 25, 2018

One overlooked side-effect of the GDPR (General Data Protection Regulation) is the extent to which data privacy and information security have become widely discussed. For example, the below screenshot shows a friend asking me about a suspicious link.

GDPR 68

GDPR Phishing Security Data Privacy 68

eSecurity Planet

FEBRUARY 14, 2023

I remember the first time we were asked for a SOC 2 report, which quickly became the minimum bar requirement in our industry for proof of an effective security program,” he said. The vision was to automate security and compliance across 14 frameworks, including SOC 2, ISO 27001, HIPAA and GDPR. Growth has definitely been robust.

Compliance 115

Compliance Security Cybersecurity Marketing 115

IT Governance

DECEMBER 20, 2023

Making compliance easy with our Cloud-based solution CyberComply is a Cloud-based, end-to-end solution that simplifies compliance with a range of cyber security and data privacy standards and laws, including ISO 27001 , the GDPR (General Data Protection Regulation), and more. Another obvious example is AI.

GDPR 103

GDPR Compliance Data Privacy Privacy 103

AIIM

JULY 24, 2018

You might also be interested in: The Re-Permissioning Dilemma Under GDPR. Data Privacy and Open Data: Secondary Uses under GDPR. Three Critical Steps for GDPR Compliance. Mitigate Data Privacy and Security Risks with Machine Learning. The Privacy and Security Dichotomy. GDPR Compliance Starts with Data Discovery.

GDPR 83

GDPR Compliance Privacy Data Privacy 83

Data Matters

JULY 8, 2019

Today we saw the ICO issue a notice of its intention to fine British Airways £183.39m for infringements of the GDPR – a record fine and the largest seen in the UK and the EU. This action by the ICO demonstrates that they are prepared to enforce the GDPR and levy significant fines.

GDPR 74

GDPR Privacy Data breaches Risk 74

IT Governance

NOVEMBER 14, 2018

Data controllers and data processors are an integral part of the GDPR. The terms ‘data controller’ and ‘data processor’ have been around for years, but it’s only since the EU GDPR (General Data Protection Regulation) took effect that they’ve been scrutinised. That’s understandable. The basics. Responsibilities of the data processor.

GDPR 107

GDPR Retail Data collection Personal data 107

IT Governance

MAY 17, 2022

Cyber security audits are a vital component of an organisation’s defences against data breaches and privacy violations. By probing organisations’ systems and services, an auditor can identify security weaknesses, and determine whether their practices comply with relevant laws, such as the GDPR (General Data Protection Regulation).

IT 126

IT Security Data breaches GDPR 126

IT Governance

APRIL 10, 2019

On 25 May 2018, the EU’s GDPR (General Data Protection Regulation) superseded the UK’s DPA (Data Protection Act) 1998. Let’s start with the circumstances under which the processing of personal data must meet the GDPR’s requirements. DPO as a service (GDPR). This blog has been updated to reflect industry updates.

Personal data 95

Personal data GDPR Education Government 95

Collibra

FEBRUARY 25, 2021

The General Data Protection Regulation (GDPR) mandates businesses to make provisions for EU citizens to exercise their right to access and control their personal data, including the export of personal data outside the EU. The GDPR impacts both data controllers (legal entities such as companies) as well as data processors (SaaS providers).

GDPR 40

GDPR Compliance Personal data Data Privacy 40

IT Governance

MARCH 27, 2018

Businesses are starting to panic as they try to comply with the General Data Protection Regulation (GDPR) before the May 2018 deadline. Many even believe that the GDPR won’t apply to them because they have fewer than 250 employees. Our small business guide to the GDPR should help clarify some of the key factors affecting SMEs.

GDPR 77

GDPR Compliance Personal data Information Security 77

DLA Piper Privacy Matters

MARCH 7, 2023

Authors: Andreas Rüdiger , Philipp Adelberg On 14 February 2023, the European Data Protection Board (“ EDPB ”) published the updated and final version of its Guidelines 05/2021 on the Interplay between the application of Article 3 and the provisions on international transfers as per Chapter V of the GDPR ( EDPB Guidelines 05/2021 ).

GDPR 52

GDPR Personal data Risk Access 52

IT Governance

NOVEMBER 24, 2021

But as is often the case with technological solutions, the benefits of convenience comes with security risks. In this blog, we look at the top five Cloud security challenges that organisations face, and provide tips on how to overcome them. Data breaches.

Cloud 133

Cloud Risk Security Data breaches 133

Data Matters

DECEMBER 9, 2019

Recently, the Association of German Data Protection Authorities (“ Datenschutzkonferenz ” or “DSK”) issued guidelines setting a GDPR fining methodology (“Fining Methodology”). GDPR enforcement across the EU has picked up over the past year. 5-Step Process.

GDPR 60

GDPR Personal data Privacy Manufacturing 60

Data Matters

DECEMBER 9, 2019

Recently, the Association of German Data Protection Authorities (“ Datenschutzkonferenz ” or “DSK”) issued guidelines setting a GDPR fining methodology (“Fining Methodology”). GDPR enforcement across the EU has picked up over the past year. 5-Step Process.

GDPR 60

GDPR Personal data Privacy Manufacturing 60

IT Governance

OCTOBER 29, 2018

When organisations look to initiate a GDPR compliance programme, the ‘people’ factor is often overlooked. Yet staff awareness and education are key components of any organisation’s GDPR compliance framework. . Staff awareness training for the GDPR does not mean simply briefing your employees about the Regulation.

GDPR 75

GDPR Compliance Security awareness Education 75

IT Governance

OCTOBER 29, 2018

When organisations look to initiate a GDPR compliance programme, the ‘people’ factor is often overlooked. Yet staff awareness and education are key components of any organisation’s GDPR compliance framework. . Staff awareness training for the GDPR does not mean simply briefing your employees about the Regulation.

GDPR 75

GDPR Compliance Security awareness Education 75

Schneier on Security

OCTOBER 3, 2018

The EU's GDPR regulation requires companies to report a breach within 72 hours. Alex Stamos, former Facebook CISO now at Stanford University, points out how this can be a problem: Interesting impact of the GDPR 72-hour deadline: companies announcing breaches before investigations are complete. Last week's Facebook hack is his example.

GDPR 91

GDPR IT 91

IT Governance

NOVEMBER 7, 2018

This blog was originally published before the GDPR took effect in May 2018. An integral part of your EU GDPR (General Data Protection Regulation) project is producing appropriate documentation to demonstrate your compliance – in line with the requirement for accountability set out in Article 5(2). Updated 7 November 2018.

GDPR 75

GDPR Compliance Personal data Government 75

IT Governance

OCTOBER 15, 2019

Any organisation that’s required to comply with the GDPR (General Data Protection Regulation) must conduct regular risk assessments. However, the GDPR is clear that data is also vulnerable to accidental or unlawful destruction, loss or disclosure. The GDPR risk assessment methodology. Get started with vsRisk.

GDPR 71

GDPR Risk Compliance Personal data 71

Thales Cloud Protection & Licensing

MARCH 21, 2018

I was fortunate to be one of the presenters at SecureWorld’s recent web conference on “ Deploying Containers in the Age of GDPR.” A real-time poll of webinar participants asked how ready they think their organizations are for the GDPR deadline of May 25, 2018. I suggest you check it out. Here is a taste of what we discussed.

GDPR 83

GDPR Encryption Personal data Compliance 83