IT Governance

MAY 15, 2024

Physical access control, physical security monitoring, CCTV, and more When we hear the term ‘information security’ – or, for that matter, ‘ISO 27001’ – our thoughts usually turn straight to cyber security. However, physical security is also an important aspect of information and data security.

Security 52

Security Information Security Access Cloud 52

Hunton Privacy

SEPTEMBER 3, 2021

On September 2, 2021, Ireland’s Data Protection Commission (“DPC”) announced a fine of €225 million ($266 million) against WhatsApp Ireland Ltd (“WhatsApp”) for failure to meet the transparency requirements of Articles 12-14 of the EU General Data Protection Regulation (“GDPR”).

GDPR 101

GDPR Compliance Personal data Privacy 101

IT Governance

MARCH 27, 2018

Businesses are starting to panic as they try to comply with the General Data Protection Regulation (GDPR) before the May 2018 deadline. Many even believe that the GDPR won’t apply to them because they have fewer than 250 employees. Our small business guide to the GDPR should help clarify some of the key factors affecting SMEs.

GDPR 77

GDPR Compliance Personal data Information Security 77

eSecurity Planet

AUGUST 11, 2022

Many of the basic principles for securing a data lake will be familiar to anyone who has secured a cloud security storage container. Essentially, we are securing an app at scale with enormous requirements for stored data, incoming data, data interactions, and network connections. Data Lake Security Scope.

Security 120

Security Encryption Cloud Access 120

IT Governance

AUGUST 21, 2019

The GDPR (General Data Protection Regulation) hasn’t exactly crept up unnoticed over the past year or so, but it’s still caught many organisations by surprise. Meanwhile, although the specifics of Brexit are still unclear, one thing is certain: whatever happens, UK-based organisations will be subject to the GDPR’s requirements.

GDPR 86

GDPR Compliance Personal data Access 86

Hunton Privacy

SEPTEMBER 10, 2020

On September 7, 2020, the European Data Protection Board (“EDPB”) released draft Guidelines 07/2020 on the concepts of controller and processor in the EU General Data Protection Regulation (“GDPR”) (the “Guidelines”). However, the GDPR has introduced new obligations on those actors.

GDPR 95

GDPR Personal data Data breaches Compliance 95

IT Governance

JULY 29, 2019

Now that the EU GDPR (General Data Protection Regulation) has been in effect for over a year, you’ve likely become acquainted with the term ‘personal data’ But what exactly does personal data mean? And did you know that the GDPR includes a sub-category of sensitive personal data that comes with its own requirements?

Personal data 75

Personal data GDPR Encryption Compliance 75

AIIM

JULY 24, 2018

You might also be interested in: The Re-Permissioning Dilemma Under GDPR. Data Privacy and Open Data: Secondary Uses under GDPR. Three Critical Steps for GDPR Compliance. Mitigate Data Privacy and Security Risks with Machine Learning. The Privacy and Security Dichotomy. GDPR Compliance Starts with Data Discovery.

GDPR 83

GDPR Compliance Privacy Data Privacy 83

KnowBe4

SEPTEMBER 10, 2019

The California Consumer Privacy Act (CCPA) was introduced just a month after the European Union instituted the General Data Protection Regulation (GDPR), earning the CCPA the nickname of “California’s GDPR.”. While the GDPR has been in effect since May of 2018, the CCPA is on track to become effective on January 1, 2020.

GDPR 73

GDPR Privacy Personal data Passwords 73

IT Governance

JUNE 21, 2018

Article 30 of the EU General Data Protection Regulation (GDPR) sets out what exactly organisations need to document in order to comply with the Regulation. One key part of this record-keeping activity is to document the category of individuals (employees, customers, etc.) What does Article 30 require? Formats (e.g.

GDPR 64

GDPR Personal data Risk Cloud 64

HL Chronicle of Data Protection

MARCH 20, 2019

On 14 March 2019, the Dutch data protection authority ( Autoriteit Persoonsgegevens , DPA) announced (in Dutch) its fining structure for violations of the European General Data Protection Regulation (GDPR) and the Dutch law implementing the GDPR (Implementation Act).

GDPR 40

GDPR Data breaches Personal data IT 40

IT Governance

NOVEMBER 8, 2018

This blog was originally published before the GDPR took effect in May 2018. This blog explains how to write a GDPR-compliant DSAR (data subject access request) procedure to ensure you meet your obligations as a data controller. The categories of personal data involved. Data subject access request procedures under the GDPR.

GDPR 72

GDPR Access Personal data Compliance 72

IT Governance

JULY 18, 2018

Now that the EU GDPR (General Data Protection Regulation) has been in effect for a couple of months, you’ve hopefully become acquainted with its definition of personal data: “any information relating to an identified or identifiable natural person”. GDPR training. Certified EU GDPR Practitioner Training Course.

Personal data 74

Personal data GDPR Encryption Compliance 74

Hunton Privacy

JANUARY 26, 2022

On November 14, 2021, the Cyberspace Administration of China (“CAC”) released for public comment its draft Regulations on Network Data Security Management (the “Draft Regulations”). The Draft Regulations also will require the data handler to report a data breach to the Public Security Bureau if the breach involves a suspected crime.

Security 116

Security Data breaches Personal data Cybersecurity 116

IT Governance

OCTOBER 15, 2019

Any organisation that’s required to comply with the GDPR (General Data Protection Regulation) must conduct regular risk assessments. However, the GDPR is clear that data is also vulnerable to accidental or unlawful destruction, loss or disclosure. The GDPR risk assessment methodology. Get started with vsRisk.

GDPR 71

GDPR Risk Compliance Personal data 71

IT Governance

NOVEMBER 12, 2020

Each year, certain healthcare organisations must complete a self-assessment via the DSP (Data Security and Protection) Toolkit to demonstrate their data security and information governance compliance. The compliance requirements differ depending on which of four categories your organisation falls into.

Compliance 101

Compliance GDPR Information governance Personal data 101

IT Governance

MAY 9, 2019

HMRC (HM Revenue and Customs) has been told to delete more than five million people’s voice records after it was discovered that the way the information was collected breached the GDPR (General Data Protection Regulation). A public task : for example, to complete official functions or tasks in the public interest.

GDPR 53

GDPR Personal data Education Passwords 53

DLA Piper Privacy Matters

NOVEMBER 24, 2020

Background: How to calculate GDPR fines? How to properly calculate administrative fines for non-compliance with the EU General Data Protection Regulation (‘ GDPR ’) is one of the most important questions when applying the GDPR on practical level, e.g. : What is actually meant by the reference to “undertaking” in Article 83 (4) to (6) GDPR?

GDPR 75

GDPR Authentication Compliance Personal data 75

eSecurity Planet

JANUARY 5, 2023

for example, has recently seen a spate of attacks on power substations; capabilities unleashed by the war in Ukraine create the potential for much worse. Also read: SANS Outlines Critical Infrastructure Security Steps as Russia, U.S. Security Products Face Greater Scrutiny. Trade Cyberthreats. RaaS and CaaS Continue to Grow.

Security 145

Security Ransomware Cybersecurity Privacy 145

IT Governance

AUGUST 2, 2019

If you think that charities might be shown lenience under the GDPR (General Data Protection Regulation) , you’re wrong. The breach was reported to the ICO (Information Commissioner’s Office), which oversees GDPR compliance in the UK, and Mermaids is now subject to disciplinary action. What are charities’ GDPR requirements?

GDPR 56

GDPR Compliance Personal data Risk 56

DLA Piper Privacy Matters

SEPTEMBER 20, 2022

In this article we examine, by way of example, the differing regimes in place in Australia and the UK. For example, a patient suffering from a rare disease is involved in a clinical trial for a new treatment run by a local clinical trial company on behalf of an Australian research institution. United Kingdom.

Privacy 98

Privacy GDPR Personal data Risk 98

IT Governance

MAY 30, 2018

The EU General Data Protection Regulation (GDPR) is designed to harmonise data protection laws across the EU, but certain industries will have to respond differently in order to achieve compliance. A report published by research and consultancy company Celent highlights the challenges that the GDPR presents to insurers.

Insurance 49

Insurance GDPR Compliance Data collection 49

Hunton Privacy

APRIL 19, 2021

If the adequacy decision is adopted, transfers of personal data from the EU to the UK may continue following the end of the post-Brexit transition period without the implementation of a data transfer mechanism under the EU General Data Protection Regulation (“GDPR”), such as Standard Contractual Clauses.

GDPR 81

GDPR Personal data Access Security 81

Data Matters

JUNE 29, 2018

According to the bill’s author, it was consciously designed to emulate the new European General Data Protection Regulation (GDPR) that went into effect on May 25, and if and when it goes into effect, it would constitute the broadest privacy law in the United States. Specific categories defined as personal information include.

GDPR 79

GDPR Privacy Sales Data breaches 79

DLA Piper Privacy Matters

OCTOBER 24, 2019

On 16 October 2019 – after weeks of rumors and speculations – the German data protection authorities (‘DPAs’) published their guidelines (‘ Guidelines’ ) for calculating administrative fines under Article 83 General Data Protection Regulation (‘ GDPR’ ). This is used to assign the undertaking to a specific size-category.

GDPR 40

GDPR Compliance Personal data IT 40

IT Governance

NOVEMBER 17, 2020

Under the GDPR (General Data Protection Regulation) , all personal data breaches must be recorded by the organisation and there should be a clear and defined process for doing so. Alteration of personal data without permission : for example, someone accessing the school’s payroll system and changing staff pay grades.

Personal data 105

Personal data Data breaches Data collection GDPR 105

HL Chronicle of Data Protection

MAY 29, 2019

Following the one-year anniversary of the coming into effect of the GDPR, Hogan Lovells’ Privacy and Cybersecurity practice has prepared summaries of key GDPR-related developments of the past 12 months. The summaries cover regulatory guidance, enforcement actions, court proceedings, and various reports and materials.

GDPR 40

GDPR Personal data Privacy Information architecture 40

eSecurity Planet

JULY 12, 2023

Cloud security posture management (CSPM) tools continuously monitor, identify, score, and remediate security and compliance concerns across cloud infrastructures as soon as problems arise. usage fee per Enterprise Cloud Security Platform unit used. usage fee per Enterprise Cloud Security Platform unit used.

Cloud 98

Cloud Security Compliance Risk 98

Data Protection Report

MARCH 7, 2024

Approximately at the same time as the Executive Order that we described in Part 1 was issued, the Attorney General (AG) unofficially released 90 pages of Advanced Notice of Proposed Rulemaking (ANPRM), which will become official once published in the Federal Register. Which countries are “countries of concern”?

Access 59

Access Military Compliance Personal data 59

Data Protection Report

JANUARY 6, 2020

The Court of Justice of the European Union (CJEU) will determine the validity of the EU Standard Contractual Clauses (SCCs) ( Data Protection Commissioner v Facebook Ireland Limited, Maximillan Schrems ) whilst the General Court of the EU will consider the future of Privacy Shield (La Quadrature du Net v Commission).

Privacy 85

Privacy GDPR Data breaches Risk 85

Data Matters

JUNE 26, 2018

6 general election ballot. Many see the law as having echoes of the new European General Data Protection Regulation (GDPR) that went into effect on May 25. any of the categories of information set forth above as they pertain to the minor children of the consumer. biometric data. geolocation data. psychometric information.

Privacy 60

Privacy GDPR Sales Data breaches 60

Data Matters

JUNE 5, 2021

The New SCCs take into account the Court of Justice of the European Union’s ( CJEU ) decision in Schrems II , requirements under the EU General Data Protection Regulation ( GDPR ), and according to the EC “address the realities faced by modern business”. However, their formulation (i.e.,

GDPR 117

GDPR Personal data IT Data breaches 117

Data Matters

JUNE 29, 2018

According to the bill’s author, it was consciously designed to emulate the new European General Data Protection Regulation (GDPR) that went into effect on May 25, and if and when it goes into effect, it would constitute the broadest privacy law in the United States. Specific categories defined as personal information include.

GDPR 60

GDPR Privacy Sales Data breaches 60

Hunton Privacy

DECEMBER 15, 2017

Recently, the EU’s Article 29 Working Party (the “Working Party”) adopted guidelines (the “Guidance”) on the meaning of consent under the EU General Data Protection Regulation (“GDPR”). The Guidance provides further detail on what is necessary to ensure that consent satisfies the requirements of the GDPR: Freely given.

GDPR 63

GDPR Personal data Risk Compliance 63

DLA Piper Privacy Matters

JANUARY 26, 2022

With the General Data Protection Regulation (GDPR), adopted in 2016, the EU has created a solid framework for the protection of personal data in line with the EU Charter of Fundamental Rights. GDPR as a baseline for the protection of personal data. By: Heidi Waem , Simon Verschaeve. the proposed Digital Markets Act.

Personal data 98

Personal data GDPR Computer and Electronics Artificial Intelligence 98

Hunton Privacy

JULY 26, 2019

Although the Guidelines provide examples of data processing for video surveillance, these examples are not exhaustive. The Guidelines aim to provide guidance on how to apply the EU General Data Protection Regulation (“GDPR”) in all potential areas of video device use.

GDPR 57

GDPR Personal data Privacy Compliance 57

Hunton Privacy

DECEMBER 20, 2017

The Guidelines aim to provide practical guidance and clarification on the transparency obligations introduced by the EU General Data Protection Regulation (“GDPR”). This means controllers that attempt to hide processing information in the middle of wider terms and conditions will be in breach of the GDPR.

GDPR 62

GDPR Personal data Privacy Communications 62