2018, Exercises and Personal data - Information Management Today

Data Protection: Where’s the Brexit Privacy Dividend?

Data Protector

AUGUST 17, 2020

Some UK organisations will inevitably have to follow all the EU’s data protection rules because they will continue to process the personal data of individuals in the EU. Organisations have also spent many hours working out what legal basis each business process should rely on when personal data is processed.

Privacy

Privacy GDPR Personal data Computer and Electronics

The Impact of Data Protection Laws on Your Records Retention Schedule

ARMA International

APRIL 18, 2022

Introduction to Data Protection Laws. Data protection laws, regulations, and rules control the collection, use, transfer, and storage of personal and sensitive information. Personal data protection requirements may be issued by federal, state (provincial), or local governments.

Personal data

Personal data GDPR Privacy Records Management

CNIL Publishes Standard on HR Data Processing

Hunton Privacy

APRIL 20, 2020

On April 15, 2020, the French Data Protection Authority (the “CNIL”) published the final version of its standard (“Referential”) concerning the processing of personal data for core Human Resources (“HR”) management purposes. That Referential was adopted following a public consultation launched by the CNIL on April 11, 2019.

Personal data

Personal data GDPR Compliance Archiving

UK: A recent prosecution for a criminal offence under the Freedom of Information Act 2000 illustrates how forgiving our Data Protection Act 2018 is

DLA Piper Privacy Matters

APRIL 24, 2020

On 11 March 2020, the ICO brought its first successful conviction under the Freedom of Information Act 2000 (“ FOIA ”). Parallels with the Data Protection Act 2018. It is not clear why this is the case or should be the case in this context but not for the personal data equivalent. Facts of the matter.

FOIA

FOIA Personal data GDPR Access

Weekly podcast: 2018 end-of-year roundup

IT Governance

DECEMBER 13, 2018

Hello and welcome to the final IT Governance podcast of 2018. And then there was the Cambridge Analytica scandal , which broke when the former employee and whistle-blower Christopher Wylie revealed to the Guardian that the political consulting firm had harvested 50 million Facebook users’ personal data and used it for political purposes.

Data breaches

Data breaches Personal data Access GDPR

U.S. and Foreign Cybersecurity and Intelligence Agencies Recommend Measures to Counteract Threat of Russian Cyberattacks

Data Matters

JANUARY 28, 2022

Another example is the inclusion of remediation details for old vulnerabilities (including some dating back to 2018) and CISA stating that the Russian state-sponsored advanced persistent threat (“APT”) actors have used these “common but effective” vulnerabilities for attacks.

Cybersecurity

Cybersecurity Financial Services Authentication Government

EDPB Releases Overview on the Implementation and Enforcement of the GDPR

Hunton Privacy

MARCH 8, 2019

The main topics of these cases relate to the exercise of individual rights, consumer rights and data breaches. The EDPB has adopted 28 consistency opinions regarding the national lists of processing subject to a data protection impact assessment. 23 DPAs reported an increase in their regulatory budgets for 2018-2019.

GDPR

GDPR Data breaches Personal data Marketing

FRANCE: ONE MORE STEP TO ENSURE CONSISTENCY OF THE NEW FRENCH DATA PROTECTION LAW

DLA Piper Privacy Matters

JANUARY 21, 2019

On 12 December 2018, the French Government issued an ordinance [1] finalizing, at the legislative level [2] , the alignment of the French Data Protection Law (“FDPL”) with the General Data Protection Regulation [3] (“GDPR”) and the Directive 2016/680 [4]. Article 32 of the French Law No.

GDPR

GDPR Personal data Communications Government

Russia: Main Takeaways from Roskomnadzor’s Open Doors Day

HL Chronicle of Data Protection

FEBRUARY 28, 2018

Of the industries represented by the data operators, the majority of data subject complaints emanated from or related to consumers’ relationships with banks, housing services providers, and debt collection agencies. The Roskomnadzor also continued to review websites’ abilities to respect data subjects’ rights. Personal Data.

Personal data

Personal data Data Privacy Privacy Risk

Will the UK Meet the EU Adequacy Test?

HL Chronicle of Data Protection

SEPTEMBER 18, 2018

But whatever its flavour, upon Brexit the UK will cease to be an EU Member State and become a so-called ‘third country’ As a result, UK-based organisations, which in the context of transfers of personal data to countries outside the EU have always been exporters, will become importers of data originating from the EU.

GDPR

GDPR Personal data Privacy Government

Working party publishes draft of GDPR guidelines for Article 49 (export derogations)

Data Protection Report

MARCH 5, 2018

On February 12, 2018, the Article 29 Working Party (WP29) published guidance regarding Article 49 of the General Data Protection Regulation (GDPR) for public comment. The deadline for submitting comments on the draft is March 26, 2018, and responses should be emailed to JUST-ARTICLE29WP-SEC@ec.europa.eu. the U.S.); the U.S.);

GDPR

GDPR Personal data e-Discovery Risk

FRANCE: New Data Protection Law has been Adopted

DLA Piper Privacy Matters

MAY 16, 2018

Despite a lack of agreement between the Senate and the National Assembly, France has finally passed its new data protection law , 11 days prior to the entry into application of the EU General Data Protection Regulation (GDPR) on May 25. Limitations to data subjects’ rights in certain circumstances. Children’s consent.

GDPR

GDPR Personal data Compliance Data Privacy

Italian National Cybersecurity Perimeter: With great power comes great responsibility!

Privacy and Cybersecurity Law

JUNE 23, 2021

On June 11, 2021, the Regulation on notifications of incidents affecting networks, information systems and IT services (“ Regulation ”) – adopted by means of the Decree of the President of the Council of Ministers (DPCM) of 14 April 2021, no. The newly adopted Regulation on notification of security incidents. 4] Pursuant to Article 1, para.

Cybersecurity

Cybersecurity Communications Data breaches Security

CNIL Unveils 2019 Inspection Program and 2018 Annual Activity Report

Hunton Privacy

APRIL 30, 2019

The French Data Protection Authority (the “CNIL”) recently published its Annual Activity Report for 2018 (the “Report”) and released its annual inspection program for 2019. The Report provides an overview of the CNIL’s enforcement activities in 2018. The CNIL received 1,170 data breach notifications in 2018.

GDPR

GDPR Personal data Data breaches Marketing

Cybersecurity Standards for the Insurance Sector – A New Patchwork Quilt in the US?

HL Chronicle of Data Protection

MAY 13, 2019

Additionally in 2017, Connecticut passed legislation requiring that health insurers, third-party administrators, and related entities implement and maintain a comprehensive information security program with specific minimum requirements to protect insureds’ personal data. Ohio Senate Bill 273 (ORC §§3965.01-11)

Insurance

Insurance Cybersecurity Data breaches Financial Services

The Burden of Privacy In Discovery

Data Matters

SEPTEMBER 29, 2021

Relatively recent advances in technology — smartphones and social media, in particular — have allowed businesses to collect, store, and find ways to monetize far more personal data than ever before. social security and credit card numbers, employee and patient health data, and customer financial records).”43

Privacy

Privacy e-Discovery Computer and Electronics e-Delivery

CNIL Launches Public Consultation on Draft Standards on HR Data Processing and Whistleblowing Hotlines

Hunton Privacy

APRIL 15, 2019

On April 11, 2019, the French Data Protection Authority (the “CNIL”) launched an online public consultation regarding two new CNIL draft standards (“Referentials”) concerning the processing of personal data for (1) core HR management purposes and (2) the operation of a whistleblowing hotline. Background.

Personal data

Personal data GDPR Big data Risk

The debate on the Data Protection Bill in the House of Lords

Data Protector

OCTOBER 11, 2017

We want businesses to ensure that their customers and future customers have consented to having their personal data processed, but we also need to ensure that the enormous potential for new data rights and freedoms does not open us up to new threats. This is “Hamlet” without the prince.

GDPR

GDPR Personal data Government IT

UK Court of Appeal Finds Automated Facial Recognition Technology Unlawful in Bridges v South Wales Police

Hunton Privacy

AUGUST 12, 2020

On August 11, 2020, the Court of Appeal of England and Wales overturned the High Court’s dismissal of a challenge to South Wales Police’s use of Automated Facial Recognition technology (“AFR”), finding that its use was unlawful and violated human rights. It is not a question of simple multiplication.

Personal data

Personal data Risk IT Privacy

GDPR: lawful bases for processing, with examples

IT Governance

MARCH 13, 2020

First published June 2018. Under the EU GDPR (General Data Protection Regulation) , you need to identify a lawful basis before processing personal data. Do you always need individuals’ consent to process their data? For the purposes of legitimate interests pursued by the data controller.

GDPR

GDPR Personal data Compliance Marketing

GDPR: lawful bases for processing, with examples

IT Governance

JUNE 15, 2018

Like the Data Protection Act 1998 (DPA 1998) that it superseded, the General Data Protection Regulation (GDPR) sets out six lawful bases for processing personal data. To comply with the data controller’s legal obligations. To protect the data subject’s vital interests.

GDPR

GDPR Personal data Compliance Privacy

Information Management Today

Data Protection: Where’s the Brexit Privacy Dividend?

The Impact of Data Protection Laws on Your Records Retention Schedule

Trending Sources

CNIL Publishes Standard on HR Data Processing

UK: A recent prosecution for a criminal offence under the Freedom of Information Act 2000 illustrates how forgiving our Data Protection Act 2018 is

Weekly podcast: 2018 end-of-year roundup

U.S. and Foreign Cybersecurity and Intelligence Agencies Recommend Measures to Counteract Threat of Russian Cyberattacks

EDPB Releases Overview on the Implementation and Enforcement of the GDPR

FRANCE: ONE MORE STEP TO ENSURE CONSISTENCY OF THE NEW FRENCH DATA PROTECTION LAW

Russia: Main Takeaways from Roskomnadzor’s Open Doors Day

Will the UK Meet the EU Adequacy Test?

Working party publishes draft of GDPR guidelines for Article 49 (export derogations)

FRANCE: New Data Protection Law has been Adopted

Italian National Cybersecurity Perimeter: With great power comes great responsibility!

CNIL Unveils 2019 Inspection Program and 2018 Annual Activity Report

Cybersecurity Standards for the Insurance Sector – A New Patchwork Quilt in the US?

The Burden of Privacy In Discovery

CNIL Launches Public Consultation on Draft Standards on HR Data Processing and Whistleblowing Hotlines

The debate on the Data Protection Bill in the House of Lords

UK Court of Appeal Finds Automated Facial Recognition Technology Unlawful in Bridges v South Wales Police

GDPR: lawful bases for processing, with examples

GDPR: lawful bases for processing, with examples

Stay Connected