Hunton Privacy

APRIL 17, 2017

On April 12, 2017, the Centre for Information Policy Leadership (“CIPL”) at Hunton & Williams LLP issued a discussion paper on Certifications, Seals and Marks under the GDPR and Their Roles as Accountability Tools and Cross-Border Data Transfer Mechanisms (the “Discussion Paper”).

Paper 60

Paper GDPR Compliance Privacy 60

HL Chronicle of Data Protection

MAY 29, 2019

Following the one-year anniversary of the coming into effect of the GDPR, Hogan Lovells’ Privacy and Cybersecurity practice has prepared summaries of key GDPR-related developments of the past 12 months. The summaries cover regulatory guidance, enforcement actions, court proceedings, and various reports and materials.

GDPR 40

GDPR Personal data Privacy Information architecture 40

IT Governance

JANUARY 4, 2018

This week, we look back at the big news from last year, and consider what the next 12 months have in store. As it’s the first one, let’s have a brief recap of some of last year’s biggest stories, and then look ahead to what we can expect from the next 12 months. By October 2017, Yahoo had been bought by Verizon for $4.48

Passwords 67

Passwords Data breaches GDPR Encryption 67

IT Governance

JUNE 29, 2018

This week, we discuss the apparent leak of 340 million data records, a vulnerability that exposed sensitive BetVictor data, a data breach affecting up to 40,000 Ticketmaster customers, and the number of GDPR complaints since 25 May. The BBC reports that Ticketmaster is “confident” it has complied with the GDPR.

GDPR 76

GDPR Passwords Data breaches Access 76

Hunton Privacy

JUNE 1, 2017

With just under one year to go before the EU General Data Protection Regulation (“GDPR”) becomes law across the European Union, the UK Information Commissioner’s Office (“ICO”) has continued its efforts to help businesses prepare for the new law. The ICO also has taken steps to address its own role post-Brexit.

GDPR 49

GDPR Compliance Risk Government 49

CGI

DECEMBER 7, 2017

Insurers’ top trends and priorities: A look at the 2017 CGI Client Global Insights (part 2). Thu, 12/07/2017 - 15:43. In my previous blog , I introduced findings from in-person interviews CGI held in 2017 with more than 1,300 client executives across 17 countries, including insurance business and IT executives.

Insurance 40

Insurance Digital transformation Artificial Intelligence GDPR 40

CGI

DECEMBER 5, 2017

Insurers’ top trends and priorities: A look at the 2017 CGI Client Global Insights (part 2). Tue, 12/05/2017 - 17:24. In my previous blog , I introduced findings from in-person interviews CGI held in 2017 with more than 1,300 client executives across 17 countries, including insurance business and IT executives.

Insurance 40

Insurance Digital transformation Artificial Intelligence GDPR 40

CGI

DECEMBER 19, 2017

GDPR: It’s Christmas – A time of good FEAR! Tue, 12/19/2017 - 14:18. The biggest regulatory driver in 2018 will be the introduction of the General Data Protection Regulation (GDPR) in May. But smaller companies don’t seem to have gotten to grips with what they need to do to comply with GDPR. That’s a concern.

GDPR 40

GDPR Insurance Risk Privacy 40

Hunton Privacy

APRIL 28, 2017

On April 27, 2017, the German Federal Parliament adopted the new German Federal Data Protection Act ( Bundesdatenschutzgesetz ) (“new BDSG”) to replace the existing Federal Data Protection Act of 2003. The GDPR allows for certain EU Member State deviations from the text of the GDPR. This post has been updated. .

GDPR 49

GDPR Personal data Information Security Security 49

Hunton Privacy

DECEMBER 20, 2017

On December 12, 2017, the Article 29 Working Party (“Working Party”) published its guidelines on transparency under Regulation 2016/679 (the “Guidelines”). The Guidelines aim to provide practical guidance and clarification on the transparency obligations introduced by the EU General Data Protection Regulation (“GDPR”).

GDPR 62

GDPR Personal data Privacy Communications 62

Hunton Privacy

OCTOBER 5, 2016

In September, the Centre for Information Policy Leadership (“CIPL”) held its second GDPR Workshop in Paris as part of its two-year GDPR Implementation Project. There was a sense of shared responsibility for the successful and timely implementation of the GDPR between industry, DPAs, national governments and the EU Commission.

GDPR 49

GDPR Risk IT Compliance 49

IT Governance

JUNE 28, 2018

Ticketmaster has set up a website to answer customers’ questions and has offered them 12 months’ free identity monitoring. The incident highlights the importance of supply-chain security, especially now the GDPR (General Data Protection Regulation) is in effect. GDPR compliance checklist. Supply-chain security.

Data breaches 61

Data breaches GDPR Compliance Sales 61

IT Governance

APRIL 9, 2019

Originally published December 2017. 46% of all UK businesses identified at least one cyber breach in the past 12 months and and the International Data Cooperation predicts that a quarter of the world’s population will have been affected by a data breach by 2020. This blog has been updated to reflect industry updates.

Data breaches 75

Data breaches GDPR Compliance Risk 75

IT Governance

NOVEMBER 22, 2018

With only 40% of organisations confident that they can prevent cyber attacks and 42% of micro/small businesses identifying at least one breach or attack in the last 12 months, it is only too clear why businesses need to invest more in cyber security. However, it’s not just the organisation’s profitability that can be hit.

Security 87

Security Government GDPR Compliance 87

IT Governance

NOVEMBER 23, 2017

With the new General Data Protection Regulation (GDPR) taking effect on 25 May 2018, the penalties for not taking the right precautions to protect personal data are about to get worse for many organisations. Under the new EU legislation, a breach of cardholder data is likely to be liable under both the PCI DSS and the GDPR.

GDPR 65

GDPR Compliance Personal data Risk 65

Data Matters

MARCH 10, 2021

The first draft of the ePrivacy Regulation was approved by the European Commission in 2017 and has since been under discussion in the Council. The GDPR also supplements the ePrivacy rules on the protection of personal data. Organizations subject to the ePrivacy Regulation on a purely extraterritorial basis (i.e.,

GDPR 68

GDPR Metadata Communications Privacy 68

Data Protection Report

AUGUST 16, 2017

On the 7 th August 2017, the UK’s Government Department for Digital, Culture, Media and Sport issued a Statement of Intent (the Statement ) outlining its planned reforms of the UK’s data protection laws which are to be implemented by the Data Protection Bill (the Bill ). The Statement summarises some of the notable derogations from the GDPR.

Government 40

Government GDPR Personal data Insurance 40

DLA Piper Privacy Matters

JANUARY 21, 2019

On 12 December 2018, the French Government issued an ordinance [1] finalizing, at the legislative level [2] , the alignment of the French Data Protection Law (“FDPL”) with the General Data Protection Regulation [3] (“GDPR”) and the Directive 2016/680 [4]. Following-up the adoption of the GDPR, the French Law No.

GDPR 49

GDPR Personal data Communications Government 49

Hunton Privacy

DECEMBER 13, 2016

On December 12, 2016, Politico reported that the European Commission intends to replace the e-Privacy Directive with a Regulation. The draft Regulation is intended to complement the EU GDPR, and contains a number of provisions that mirror those of the GDPR.

Privacy 45

Privacy GDPR Communications Government 45

Hunton Privacy

JANUARY 18, 2018

On January 10, 2018, the Law of 3 December 2017 creating the Data Protection Authority (the “Law”) was published in the Belgian Official Gazette (available in French and Dutch ). The Law was submitted in the Chamber of Representatives on August 23, 2017, and was approved by the Parliament in plenary meeting on November 16, 2017.

Privacy 55

Privacy Computer and Electronics Personal data GDPR 55

Privacy and Cybersecurity Law

AUGUST 1, 2018

The ICO has been involved in producing significant GDPR guidance in the last 12 months and has also run an internal change management process to ensure it is up to the demands placed upon it by GDPR (think: extra staff, new breach reporting functions and helplines). The ICO has produced a Guide to GDPR – definitely worth a read.

GDPR 40

GDPR Data breaches Personal data Privacy 40

Hunton Privacy

DECEMBER 7, 2017

On December 1, 2017, the Centre for Information Policy Leadership (“CIPL”) at Hunton & Williams LLP submitted formal comments to the Article 29 Working Party (the “Working Party”) on its Guidelines on Personal Data Breach Notification (the “Guidelines”). Risk Assessment.

Data breaches 45

Data breaches Personal data GDPR Risk 45

DLA Piper Privacy Matters

MARCH 28, 2019

Currently, Mrs Dereppe is the Advisor to the State Secretary for Privacy and responsible for the Belgian implementation of the GDPR. Prior to that, Hielke served for 12 years at the EDPS, a.o. Hielke Hijmans – Litigation Chamber. The Head of the Litigation Chamber will be Hielke Hijmans.

GDPR 93

GDPR Privacy Analytics Personal data 93

IT Governance

AUGUST 27, 2018

The results of 2017’s Zurich SME Risk Index revealed that almost one in six SMEs fell victim to a cyber attack within a 12-month period. The EU GDPR (General Data Protection Regulation) introduces a duty on all organisations to report certain types of personal data breach to the ICO (Information Commissioner’s Office).

Security 73

Security Data breaches Risk GDPR 73

IT Governance

APRIL 16, 2018

The report examines how cyber activity has impacted UK businesses over the past 12 months and the future threats they will face. The successful use of worms in the WannaCry attack in 2017 has likely encouraged criminal hackers to use them as an automated and faster way to spread malware. Cryptojacking. Data breaches.

Security 64

Security Data breaches IoT Cloud 64

Data Protection Report

AUGUST 8, 2017

The German federal labor court held in a recent decision ( Bundesarbeitsgericht , 27 July 2017 – case no. Norton Rose Fulbright has been shortlisted for ‘Cyber law firm of the year’ at the Insurance Insider Cyber Ranking Awards 2017.

Computer and Electronics 40

Computer and Electronics Insurance Privacy GDPR 40

IT Governance

DECEMBER 13, 2018

This week, in our last podcast of the year, we revisit some of the biggest information security stories from the past 12 months. million US customers had been affected by 2017’s Equifax breach , bringing the total number of victims to 147.9 And, of course, on 25 May the GDPR came into effect. million payment cards and 1.2

Data breaches 71

Data breaches Personal data Access GDPR 71

IT Governance

NOVEMBER 14, 2017

How the PCI DSS can help you meet the requirements of the GDPR. The webinar will take place on 12 December 2017, from 3:00 pm. The biggest payment security challenges facing organisations. QSA insight to help you achieve and maintain compliance.

Compliance 66

Compliance Encryption GDPR Security 66

DLA Piper Privacy Matters

FEBRUARY 13, 2018

The long awaited new National Standards on Information Security Technology – Personal Information Security Specification GB/T 35273-2017 (“PI Specification”) has now been released, and will come into force on 1 May 2018. By Scott Thiel and Carolyn Bigg.

Information Security 40

Information Security Compliance GDPR Big data 40

HL Chronicle of Data Protection

JULY 9, 2019

As companies continue to grapple with interpreting how the GDPR’s principles apply to their own businesses, in particular contexts, there is a growing need for data protection regulators to provide clarity on the practical application of the regulation. Next steps.

GDPR 40

GDPR Personal data Privacy Financial Services 40

Elie

DECEMBER 12, 2019

By December 2017, with three full years of carefully categorised data, we had the means to deliver an improved transparency dashboard — which we. For example, as can be seen in the chart, French Internet users requested on average 12 URL delistings per 1,000 users, whereas in Italy there were 7 such requests, and in Greece only 3.

Privacy 118

Privacy Paper Government GDPR 118

IT Governance

DECEMBER 27, 2019

A royal baby, a fire at Notre-Dame, the highest grossing film of all time and more than 12 billion breached data records: 2019 has been quite a year. Victims of Equifax’s 2017 data breach were given the go-ahead to launch a class-action lawsuit. Part one covers January to June, and will be followed by part in the coming days.

Data breaches 69

Data breaches GDPR Passwords Personal data 69

IT Governance

JULY 19, 2018

On 27 February 2017, an IICSA staff member sent a bulk email to 90 inquiry participants to inform them about a public hearing, rightly entering the participants’ email addresses in the ‘bcc’ field. “In million – a year-on-year increase of 6.4%.

Data breaches 66

Data breaches Privacy Personal data Compliance 66

DLA Piper Privacy Matters

MAY 31, 2018

PECR sits alongside the Data Protection Act 2018 and the GDPR and provide data subjects with specific privacy rights in relation to electronic communications. Background. There are specific rules on: • marketing calls, emails, texts and faxes; • cookies (and similar technologies); • keeping communications services secure; and.

Government 40

Government Marketing Communications Privacy 40

IT Governance

OCTOBER 9, 2018

Newspaper reports claim that the USB stick was found in London on 16 October 2017, and that the person who found the stick viewed the contents on a library computer before passing it to the Sunday Mirror. At the time of the breach, reports claimed that data on the stick also included the Queen’s travel itinerary.

Data breaches 65

Data breaches Personal data Libraries Information Security 65

CGI

SEPTEMBER 12, 2017

Tue, 09/12/2017 - 03:00. This is made more complicated by the need to gain the permission of the citizen to access and use that data as set out under the forthcoming General Data Protection Regulation (GDPR). Data analytics – how should insurers look to the future?

Insurance 40

Insurance Analytics Risk IoT 40

IT Governance

NOVEMBER 24, 2017

Hello and welcome to the IT Governance podcast for Friday, 24 November 2017. And we all know how much they’ll be when the GDPR comes into effect next May.). You don’t have long to submit your claim , though: only until 12 February next year. Here are this week’s stories. It almost makes Equifax’s data breach response look good.

Data breaches 65

Data breaches Access Blockchain Cloud 65