2017, Examples and Personal data - Information Management Today

List of mandatory documents required by the GDPR

IT Governance

JULY 31, 2019

Personal Data Protection Policy (Article 24). A data protection policy is a statement that sets out how your organisation protects personal data. If you are unsure what your data protection policy should include, this template , created by our expert GDPR practitioners, can help you create one in minutes.

GDPR

GDPR Data breaches Personal data Compliance

Average cost of cyber crime rises to £10.3 million

IT Governance

JUNE 3, 2020

million) in 2017 to $13 million (£10.3 This represents a 12% increase year-on-year and a 73% increase over a five-year span, demonstrating how rapidly the cost of cyber crime is growing. For example, they might fall for a phishing scam, fail to apply appropriate defences, accidentally delete sensitive information or dispose of it.

Ransomware

Ransomware Personal data Phishing Risk

CIPL Submits Comments to Article 29 WP’s Proposed Guidelines on Data Breach Notification

Hunton Privacy

DECEMBER 7, 2017

On December 1, 2017, the Centre for Information Policy Leadership (“CIPL”) at Hunton & Williams LLP submitted formal comments to the Article 29 Working Party (the “Working Party”) on its Guidelines on Personal Data Breach Notification (the “Guidelines”). Risk Assessment. Timing of Notification.

Data breaches

Data breaches Personal data GDPR Risk

Heathrow Airport fined £120,000 for data breach

IT Governance

OCTOBER 9, 2018

The ICO (Information Commissioner’s Office) has fined Heathrow Airport £120,000 for failing to secure sensitive personal data after a member of public found an unencrypted USB stick containing data about the airport’s staff. How did the data breach occur? However, the ICO hasn’t confirmed this.

Data breaches

Data breaches Personal data Libraries Information Security

Article 29 Working Party Published Guidelines on Transparency under the GDPR

Hunton Privacy

DECEMBER 20, 2017

On December 12, 2017, the Article 29 Working Party (“Working Party”) published its guidelines on transparency under Regulation 2016/679 (the “Guidelines”). The Guidelines aim to provide practical guidance and clarification on the transparency obligations introduced by the EU General Data Protection Regulation (“GDPR”).

GDPR

GDPR Personal data Privacy Communications

Data Enrichment, People Data Labs and Another 622M Email Addresses

Troy Hunt

NOVEMBER 22, 2019

I've become more familiar with this sector over recent years due to the frequency with which it's been suffering data breaches that have ultimately landed in my inbox. — Troy Hunt (@troyhunt) November 15, 2016 Time and time again since that poll, a pulse check of subscriber sentiment has returned similar results.

Data breaches

Data breaches e-Delivery Cloud Information Security

Is your school GDPR-compliant? Use our checklist to find out

IT Governance

MARCH 28, 2019

How was it possible for someone to be so misguided about such a well-publicised regulation, the requirements of which have huge ramifications for the way organisations handle personal data? It continues to be effective for any organisation that processes the personal data of, or monitors the behaviour of, EU residents.

GDPR

GDPR Compliance Data breaches Personal data

Parenting support club Bounty fined in ‘unprecedented’ data breach

Data Protection Report

APRIL 18, 2019

On 12 April, the Information Commissioners Office ( ICO ) fined Bounty , a pregnancy and parent support club, £400,000 for illegally sharing personal data belonging to more than 14 million people. Further, the ‘offline’ registrants were not given access to Bounty’s Privacy Policy (the Policy ) at the point of registration.

Data breaches

Data breaches Personal data Data collection Marketing

UK data protection after Brexit – UK government Statement of Intent contains few surprises

Data Protection Report

AUGUST 16, 2017

On the 7 th August 2017, the UK’s Government Department for Digital, Culture, Media and Sport issued a Statement of Intent (the Statement ) outlining its planned reforms of the UK’s data protection laws which are to be implemented by the Data Protection Bill (the Bill ).

Government

Government GDPR Personal data Insurance

CHINA: NEW DATA PROTECTION STANDARD – WHAT YOU NEED TO KNOW

DLA Piper Privacy Matters

FEBRUARY 13, 2018

The long awaited new National Standards on Information Security Technology – Personal Information Security Specification GB/T 35273-2017 (“PI Specification”) has now been released, and will come into force on 1 May 2018. personal information” and “sensitive personal information”). Explicit consent (i.e.

Information Security

Information Security Compliance GDPR Big data

GDPR – The Year in Review

HL Chronicle of Data Protection

MAY 29, 2019

Following the one-year anniversary of the coming into effect of the GDPR, Hogan Lovells’ Privacy and Cybersecurity practice has prepared summaries of key GDPR-related developments of the past 12 months. This personal data was still being held by late May 2018 and had been subject to unauthorised use by a third party.

GDPR

GDPR Personal data Privacy Information architecture

Finding the treasure in governement information management

CILIP

DECEMBER 11, 2023

He gives an example from his early days at the Department for the Environment: “I remember in April 1986, I was on the library enquiry desk. FOI is a good example, you get 20 days to do it, and anything from a public inquiry will come with a challenging deadline and little appreciation of how difficult it may be to find some material.”

Government

Government Libraries Computer and Electronics Information governance

EDPB publishes guidance on calculating GDPR fines

Data Protection Report

JUNE 9, 2022

On 12 May 2022 EDPB adopted Guidelines on the calculation of administrative fines (the Guidelines ). The Guidelines supplement the Article 29 Working Party’s Guidelines on the application and setting of administrative fines ( WP253 ) adopted in October 2017 and recommends that the two are read together.

GDPR

GDPR Compliance Personal data IT

Germany: Bonn Regional Court overrules GDPR Fining Guidelines by German Data Protection Authorities

DLA Piper Privacy Matters

NOVEMBER 24, 2020

As this concept heavily focusses on the (group) turnover of the infringing controller or processor, it led to a significant increase of the amount of individual fines in Germany, see for example Berlin DPA v. Deutsche Wohnen SE. The case: 1&1 Telecom GmbH v. Media coverage caused reputational damage for 1&1 Telecom GmbH.

GDPR

GDPR Authentication Compliance Personal data

Global Ransomware Attacks Raise Key Legal Considerations

Hunton Privacy

MAY 16, 2017

On May 12, 2017, a massive ransomware attack began affecting tens of thousands of computer systems in over 100 countries. In a November 2016 blog entry , the FTC noted that “a business’ failure to secure its networks from ransomware can cause significant harm to the consumers (and employees) whose personal data is hacked.

Ransomware

Ransomware Insurance Access Information Security

EUROPE: Article 29 Working Party publish draft Guidelines on Consent

DLA Piper Privacy Matters

DECEMBER 13, 2017

On 12 December 2017, the Article 29 Working Party (WP29) published draft Guidelines on Consent under the General Data Protection Regulation (GDPR). In the UK, they may be read alongside the separate draft GDPR consent guidance issued by the UK Information Commissioner’s Office (ICO) in March 2017. Recommendations.

GDPR

GDPR Personal data Retail Data collection

2019 end-of-year review part 1: January to June

IT Governance

DECEMBER 27, 2019

A royal baby, a fire at Notre-Dame, the highest grossing film of all time and more than 12 billion breached data records: 2019 has been quite a year. Among other news: B&Q breached the personal data of 70,000 people who had been caught stealing products from its stores. Video-sharing app TikTok agreed to a record $5.7

Data breaches

Data breaches GDPR Passwords Personal data

UK: How real is the threat of data protection group litigation in the UK?

DLA Piper Privacy Matters

NOVEMBER 6, 2018

The Court of Appeal delivered its decision in the case of WM Morrisons Supermarkets Plc v Various Claimants ([2018] EWCA Civ 2339) in October, dismissing Morrisons’ appeal against an earlier decision from 2017 finding the supermarket vicariously liable for the actions of a former employee, Andrew Skelton.

Insurance

Insurance Data breaches Personal data GDPR

The Burden of Privacy In Discovery

Data Matters

SEPTEMBER 29, 2021

Relatively recent advances in technology — smartphones and social media, in particular — have allowed businesses to collect, store, and find ways to monetize far more personal data than ever before. 12 In other words, the 1983 amendment was seen as limiting the depth rather than the breadth of discovery.13.

Privacy

Privacy e-Discovery Computer and Electronics e-Delivery

CIPL and its GDPR Project Stakeholders Discuss DPOs and Risk under GDPR

Hunton Privacy

OCTOBER 5, 2016

The workshop was attended by almost 120 delegates from businesses, 12 data protection authorities (“DPAs”), four EU Member State governments, the EU Commission and the European Data Protection Supervisor, a non-DPA regulator, several academics and the IAPP. Forthcoming Working Party GDPR Guidance.

GDPR

GDPR Risk IT Compliance

EUROPE: ECJ and responsibility for personal data processing on Facebook fan pages

DLA Piper Privacy Matters

JUNE 13, 2018

In June 2018 the European Court of Justice’s Grand Chamber decided [1] on a long awaited case [2] regarding the responsibility of the administrators of Facebook fan pages, relating to the personal data of visitors to fan pages. 131/12, Google Spain SL, Google Inc. 5] [link]. [6] 6] See case C? 5] [link]. [6] 6] See case C?131/12,

Personal data

Personal data GDPR Privacy Risk

The Good, Bad, And The Ugly: Key Takeaways From California’s New Privacy Law

Privacy and Cybersecurity Law

NOVEMBER 8, 2018

In the aftermath of the Cambridge Analytica scandal, and in the footsteps of Europe’s General Data Protection Regulation (“GDPR”), California privacy advocates introduced a ballot initiative on October 12, 2017 called “The Consumer Right to Privacy Act of 2018” (No. Right to Opt-Out. New Business Obligations.

Privacy

Privacy Sales Compliance Cybersecurity

The Good, Bad, And The Ugly: Key Takeaways From California’s New Privacy Law

Privacy and Cybersecurity Law

NOVEMBER 9, 2018

In the aftermath of the Cambridge Analytica scandal, and in the footsteps of Europe’s General Data Protection Regulation (“GDPR”), California privacy advocates introduced a ballot initiative on October 12, 2017 called “The Consumer Right to Privacy Act of 2018” (No. Right to Opt-Out. New Business Obligations. 16 CFR § 313.3(o)(1)(i)-(iii).

Privacy

Privacy Sales Education Compliance

The debate on the Data Protection Bill in the House of Lords

Data Protector

OCTOBER 11, 2017

We want businesses to ensure that their customers and future customers have consented to having their personal data processed, but we also need to ensure that the enormous potential for new data rights and freedoms does not open us up to new threats. How then will we secure adequacy without adhering to the charter?

GDPR

GDPR Personal data Government IT

GDPR’s happened, but have you realised the benefits yet?

CGI

DECEMBER 5, 2018

Wed, 12/05/2018 - 05:27. We’ve seen examples of helpdesk staff blaming GDPR for their inability to respond adequately. We also heard of health professionals providing flu jabs in a school being refused personal data about the children because of fear of GDPR infringement. The importance of data management.

GDPR

GDPR Metadata Personal data Compliance

The Belgian Constitutional Court annuls Data Retention Act

DLA Piper Privacy Matters

MAY 18, 2021

Pursuant to the Data Retention Act, telecom and internet companies are required to retain electronic and telephony data of its users for 12 months for criminal investigation and prosecution purposes. By interim judgment of 19 July 2018, the Constitutional Court referred a request for preliminary ruling to the CJEU.

Communications

Communications Privacy Personal data Security

Privacy as a “Fundamental Right” Clouds Smart Regulation

Data Matters

JULY 16, 2018

*Originally Published July 12, 2018 by Chambers and Partners Data Protection & Cyber Security 2018. In December 2009, with the entry into force of the Lisbon Treaty, the EU’s Charter of Fundamental Rights guaranteed both privacy and data protection as two of the Charter’s 50 enumerated fundamental rights.

Privacy

Privacy Cloud Artificial Intelligence Data Privacy

Information Management Today

List of mandatory documents required by the GDPR

Average cost of cyber crime rises to £10.3 million

Trending Sources

CIPL Submits Comments to Article 29 WP’s Proposed Guidelines on Data Breach Notification

Heathrow Airport fined £120,000 for data breach

Article 29 Working Party Published Guidelines on Transparency under the GDPR

Data Enrichment, People Data Labs and Another 622M Email Addresses

Is your school GDPR-compliant? Use our checklist to find out

Parenting support club Bounty fined in ‘unprecedented’ data breach

UK data protection after Brexit – UK government Statement of Intent contains few surprises

CHINA: NEW DATA PROTECTION STANDARD – WHAT YOU NEED TO KNOW

GDPR – The Year in Review

Finding the treasure in governement information management

EDPB publishes guidance on calculating GDPR fines

Germany: Bonn Regional Court overrules GDPR Fining Guidelines by German Data Protection Authorities

Global Ransomware Attacks Raise Key Legal Considerations

EUROPE: Article 29 Working Party publish draft Guidelines on Consent

2019 end-of-year review part 1: January to June

UK: How real is the threat of data protection group litigation in the UK?

The Burden of Privacy In Discovery

CIPL and its GDPR Project Stakeholders Discuss DPOs and Risk under GDPR

EUROPE: ECJ and responsibility for personal data processing on Facebook fan pages

The Good, Bad, And The Ugly: Key Takeaways From California’s New Privacy Law

The Good, Bad, And The Ugly: Key Takeaways From California’s New Privacy Law

The debate on the Data Protection Bill in the House of Lords

GDPR’s happened, but have you realised the benefits yet?

The Belgian Constitutional Court annuls Data Retention Act

Privacy as a “Fundamental Right” Clouds Smart Regulation

Stay Connected