Auditing your GDPR practices

IT Governance

Follow our advice to make sure your organisation is GDPR-compliant and avoids disciplinary action. After a relatively quiet few months, the EU GDPR (General Data Protection Regulation) is back in the news.

Marriott Mega-Breach: Will GDPR Apply?

Data Breach Today

With GDPR in full effect since May, organizations with data security practices face the potential of massive fines. Legal Experts Suspect So, But Investigation Could Take a Year or More. Will Marriott be the first organization that lost control of Europeans' personal data to feel the full force of the EU's General Protection Regulation?

GDPR: 8,000 Data Breach Reports Filed So Far in UK

Data Breach Today

Privacy Watchdog Counts 41 Daily Breach Reports Since GDPR Enforcement Began. The U.K.'s

Europe Catches GDPR Breach-Notification Fever

Data Breach Today

Privacy Law is Fast Revealing the True Extent of Data Breaches Across UK and EU. Less than four months after GDPR went into enforcement, Europe has arguably entered the modern data breach era.

List of free GDPR resources and templates

IT Governance

This blog was originally published before the GDPR took effect in May 2018. The EU’s GDPR (General Data Protection Regulation) requires all organisations that process EU residents’ personal data to abide by its strict terms. Conducting a data flow mapping exercise under the GDPR.

The GDPR for the Little Guy (or Gal)

Weissman's World

What is the GDPR? The GDPR is the European Union’s General Data Protection Regulation, and as the EU’s new take on privacy protection, it took effect a month ago to much fanfare.

The GDPR: Requirements for encryption

IT Governance

Six months since the GDPR (General Data Protection Regulation) came into force, pseudonymisation and data encryption remain the only technology measures specifically mentioned in the famously technology-agnostic Regulation.

Facebook Submits GDPR Breach Notification to Irish Watchdog

Data Breach Today

Report Into 50 Million Breached Accounts Is Incomplete, Privacy Watchdog Warns. To comply with GDPR, Facebook has notified Ireland's data privacy watchdog about the massive breach it has suffered, resulting in 50 million accounts being exposed.

GDPR puts focus on the security of your EIM solutions

OpenText Information Management

In its report, The role of technology in your GDPR strategy, IDC identifies EIM technologies as central to achieving compliance with the EU’s General Data Protection Regulation (GDPR). The GDPR sets out to deliver new levels of data privacy and protection.

GDPR automated decision-making and profiling: what are the requirements?

IT Governance

In addition to data subjects’ rights to be informed, of access, to rectification, to erasure, to restrict processing, to data portability and to object, the EU’s GDPR (General Data Protection Regulation) sets out requirements relating to automated individual decision-making, including profiling.

The GDPR: What do I need to do?

IT Governance

Although the EU General Data Protection Regulation (GDPR) has come into effect, a large number of organisations are not yet compliant. To help, IT Governance has created a checklist to highlight the essential steps your organisation must take in order to become GDPR compliant.

How Cyber Insurance Is Changing in the GDPR Era

Data Breach Today

GDPR: Is Australia Ready?

Data Breach Today

With Europe's GDPR enforcement set to take effect on May 25, Australian organizations vary in readiness. Steve Ingram of PwC says it's not too late for companies to prepare for GDPR, but it will be too late to ask regulators for forgiveness if something goes wrong

Google Faces GDPR Complaints Over Web, Location Tracking

Data Breach Today

GDPR Compliance: Common Misconceptions

Data Breach Today

Attorney Elizabeth Harding clears up confusion about certain provisions of the EU's General Data Protection Regulation, including the issue of when organizations need to obtain a European consumer's consent to process their data

The Effects of GDPR's 72-Hour Notification Rule

Schneier on Security

The EU's GDPR regulation requires companies to report a breach within 72 hours.

The impact of GDPR on cybersecurity managers

Information Management Resources

Among many unclear implications of GDPR, the vaguest might be how to ensure compliance with the security requirements, including data protection by design and by default.

The GDPR: Everything you need to know about data controllers and data processors

IT Governance

Data controllers and data processors are an integral part of the GDPR. The terms ‘data controller’ and ‘data processor’ have been around for years, but it’s only since the EU GDPR (General Data Protection Regulation) took effect that they’ve been scrutinised.

GDPR Compliance: The Role of Vendor Risk Management

Data Breach Today

Attorney Steven Teppler on Holding Vendors Accountable. Why is ramping up vendor risk management such a critical component of compliance with the EU's General Data Protection Regulation? Attorney Steven Teppler provides insights

GDPR fine for German chat app platform

IT Governance

It’s the first fine for a violation of the EU GDPR (General Data Protection Regulation) issued by the LfDI (Baden-Württemberg data protection authority). There had been speculation that supervisory authorities would issue heavy fines upon the GDPR’s introduction to lay down the law.

Facebook's Zuckerberg: GDPR Won't Apply Worldwide

Data Breach Today

CEO Says Compliance Outside EU Should Be 'In Spirit' of GDPR. Facebook CEO Mark Zuckerberg says the social networking company is already complying with parts of Europe's GDPR privacy legislation, but it won't comply with all of its requirements worldwide.

The role of blockchain in helping organizations meet GDPR compliance

Information Management Resources

Many have begun to consider whether the technology could be used to improve customer data management processes, as they relate to the upcoming EU mandate.

Manage Your Privacy Journey: GDPR, CCPA and Beyond

InfoGoTo

Over the past few years, we have been on a General Data Protection Regulation (GDPR) adventure. However, the privacy journey is ongoing, and organizations need to continue forward with ongoing proactive GDPR compliance, particularly as organizations are dynamic and constantly changing.

How the General Data Protection Regulation (GDPR) Helps Improve RIM Policies and Processes

InfoGoTo

A good incentive to update and strengthen your organization’s records and information management (RIM) policies is the looming threat of fines upwards of 20 million euros, courtesy of the European Union’s General Data Protection Regulation (GDPR), which became effective on May 25, 2018.

Procrastinators' Guide to GDPR Compliance

Data Breach Today

Organizations Are Not as Ready as They Might Believe. If you're paying attention, you've probably already seen a handful of GDPR-related headlines just today, let alone in the last week or month. But there are two good reasons for the deluge of GDPR discussion right now: It's incredibly important and the time to act is now

How to write a GDPR data protection policy – with policy template

IT Governance

This blog was originally published before the GDPR took effect in May 2018. This blog post outlines what a GDPR data protection policy is, what you should include in yours and what tools you can use to help your organisation produce this essential documentation. Updated 7 November 2018.

Why is the GDPR still something I should be concerned about?

IT Governance

The EU’s GDPR (General Data Protection Regulation) superseded all laws based on the EU’s Data Protection Directive, including the UK’s Data Protection Act 1998, on 25 May 2018. GDPR complexities. BreachReady: taking your first steps to GDPR compliance.

How organizations can best demonstrate GDPR compliance

Information Management Resources

The GDPR doesn’t provide guidance on how to meet its requirements. This was to make it future-proof, as best practices are likely to change over time. But without explicit guidance, many organizations have been stumped.

GDPR compliance checklist for healthcare

IT Governance

In February 2018, NHS Digital released guidance for healthcare providers (HCPs) to help them comply with the EU General Data Protection Regulation (GDPR). For HCPs that have not yet considered how they will comply with the GDPR – don’t panic.

GDPR: The Global Impact on Privacy

Data Breach Today

Richard Henderson of Infosec Global Sizes Up the EU Law's Influence So Far. Richard Henderson of Infosec Global discusses the impact of the European Union's General Data Protection Regulation and how the law is influencing privacy frameworks globally

How to write a GDPR privacy notice – with documentation template example

IT Governance

This blog was originally published before the GDPR took effect in May 2018. An integral part of EU GDPR (General Data Protection Regulation) compliance is producing appropriate documentation. When should you provide a GDPR privacy notice? How do you write a GDPR privacy policy?

Seven Data Security Challenges You Must Meet to Comply with GDPR

Thales Data Security

The enactment of the European Union’s General Data Protection Regulation (GDPR) is a significant milestone for virtually every international business. The following overview touches on some of the most critical elements that are required for GDPR compliance.

GDPR compliance: why you should consider BS 10012 certification

IT Governance

The EU GDPR (General Data Protection Regulation) hasn’t been around for long but we’re already seeing a huge increase in reported data breaches to the ICO (Information Commissioner’s Office). Is conformance to BS 10012 sufficient for overall GDPR compliance?

How to implement a GDPR staff awareness training programme

IT Governance

When organisations look to initiate a GDPR compliance programme, the ‘people’ factor is often overlooked. Yet staff awareness and education are key components of any organisation’s GDPR compliance framework. Deliver cost-effective GDPR training to your staff.

Where to start with GDPR compliance

IT Governance

The first few steps of your EU General Data Protection Regulation (GDPR) compliance project can be the most confusing. What is the GDPR and does your organisation need to comply? GDPR compliance is not a choice, nor is it just a matter of ticking a few boxes.

GDPR in manufacturing: Where to start, threats and opportunities

OpenText Information Management

There are now less than three months left until the EU General Data Protection Regulation (GDPR) comes into force. …

GDPR and The Data Governance Imperative

AIIM

You might also be interested in: The Re-Permissioning Dilemma Under GDPR. Data Privacy and Open Data: Secondary Uses under GDPR. Three Critical Steps for GDPR Compliance. GDPR and Cross Border Data Flows between the EU and the US: Current State of the Law.

Facebook's Zuckerberg Pledges Worldwide GDPR Compliance

Data Breach Today

Second Congressional Hearing Probes Privacy Issues. At a U.S. House hearing Wednesday, Facebook CEO Mark Zuckerberg said the company would eventually comply worldwide with the European Union's tough privacy law, the General Data Protection Regulation

GDPR will be a harsh wake-up call for most U.S. companies

Information Management Resources

Recent studies suggest only one-in-four organizations are well-prepared for the data management mandate, a statistic that could have costly consequences.

Marketing and the GDPR

IT Governance

The EU General Data Protection Regulation (GDPR) has big implications for marketing departments and how they can advertise products and services. But how does this, and other aspects of the GDPR, apply in the real world of marketing?

Fresh GDPR Complaints Take Aim at Targeted Advertising

Data Breach Today

Browser Upstart Alleges Ad Firms Are Seeing Too Much Personal Data. A web browser startup, Brave, has filed complaints in Europe alleging Google and other behavioral advertising companies are violating Europe's GDPR.
