GDPR - Information Management Today

How to implement the General Data Protection Regulation (GDPR)

IBM Big Data Hub

FEBRUARY 23, 2024

The General Data Protection Regulation (GDPR), the European Union’s landmark data privacy law, took effect in 2018. Even the world’s biggest businesses are not free from GDPR woes. Many businesses find it hard to implement GDPR requirements because the law is not only complex but also leaves a lot up to discretion.

GDPR

GDPR Compliance Personal data Privacy

GDPR for small business: the ultimate guide

IT Governance

JULY 2, 2020

What is the GDPR? First, the UK has implemented the UK DPA (Data Protection Act) 2018 , which adopts the GDPR into national law. Second, if you process EU residents’ personal data, the GDPR still applies. There is also a special category of personal data devoted to sensitive information. A quick overview.

GDPR

GDPR Personal data Data breaches Compliance

GUEST ESSAY: A breakout of how Google, Facebook, Instagram enable third-party snooping

The Last Watchdog

OCTOBER 17, 2022

To provide even further insight into the data safety and privacy practices of app developers, researchers at Incogni conducted a study of the top 500 paid and top 500 free Google Play Store apps. Among the app categories, shopping, business, and food & drink were found to be sharing the most user data. Greediest data harvesters.

Privacy

Privacy Data Privacy Personal data Data collection

Webinars

Generative AI Deep Dive: Advancing from Proof of Concept to Production

MORE WEBINARS

Security Compliance & Data Privacy Regulations

eSecurity Planet

AUGUST 9, 2022

Regulatory compliance and data privacy issues have long been an IT security nightmare. And since the EU’s General Data Protection Regulation (GDPR) took effect May 25, 2018, IT compliance issues have been at the forefront of corporate concerns. GDPR-style data privacy laws came to the U.S.

Data Privacy

Data Privacy Compliance Privacy Security

Key steps to GDPR compliance – Part 3

IT Governance

DECEMBER 20, 2017

There are less than six months to go until the General Data Protection Regulation (GDPR) comes into effect, but some businesses are not even thinking about it yet, or are only just starting to. The EU GDPR Documentation Toolkit is a complete set of GDPR-compliant templates that are easy to use and customisable.

GDPR

GDPR Compliance Data breaches Information Security

Key Steps to GDPR Compliance – Part 2

IT Governance

DECEMBER 14, 2017

There are less than six months to go until the General Data Protection Regulation (GDPR) comes into effect but some businesses are not even thinking about it yet, or are only just starting to. There are special categories of data that entail stricter processing rules, such as getting explicit consent. 4) Build a data inventory.

GDPR

GDPR Compliance Personal data Risk

Flurry of activity in the Privacy Act review, including tougher penalties and new online privacy framework

Data Protection Report

NOVEMBER 25, 2021

After months of anticipation regarding the ongoing review of the Privacy Act 1988 (Cth), the Federal Government has galvanized the Australian privacy landscape with two significant developments. Firstly, the Government has released a discussion paper about the reform of the Privacy Act. Online Privacy Bill.

Privacy

Privacy Paper Compliance Government

GDPR Training in Belfast – save 10%

IT Governance

DECEMBER 18, 2017

Many organisations are struggling to fill a skills gap created by the EU General Data Protection Regulation (GDPR) and need staff with knowledge of the Regulation. IT Governance runs two levels of GDPR training courses across the UK to train staff on the Regulation, giving them the knowledge required to manage a GDPR compliance project.

GDPR

GDPR Personal data Compliance Data breaches

Why risk assessments are essential for GDPR compliance

IT Governance

OCTOBER 15, 2019

Any organisation that’s required to comply with the GDPR (General Data Protection Regulation) must conduct regular risk assessments. However, the GDPR is clear that data is also vulnerable to accidental or unlawful destruction, loss or disclosure. The GDPR risk assessment methodology. Get started with vsRisk.

GDPR

GDPR Risk Compliance Personal data

GDPR – The Year in Review

HL Chronicle of Data Protection

MAY 29, 2019

Following the one-year anniversary of the coming into effect of the GDPR, Hogan Lovells’ Privacy and Cybersecurity practice has prepared summaries of key GDPR-related developments of the past 12 months. The summaries cover regulatory guidance, enforcement actions, court proceedings, and various reports and materials.

GDPR

GDPR Personal data Privacy Information architecture

California Enacts Broad Privacy Laws Modeled on GDPR

Data Matters

JUNE 29, 2018

Jerry Brown signed into law the California Consumer Privacy Act of 2018 (AB 375). This legislation was enacted on an extraordinarily accelerated timeframe as part of compromise with the sponsor of a comparable privacy ballot initiative, which had qualified to be placed before state voters on Election Day in November 2018.

GDPR

GDPR Privacy Sales Data breaches

What UK charities need to know about GDPR compliance

IT Governance

AUGUST 2, 2019

If you think that charities might be shown lenience under the GDPR (General Data Protection Regulation) , you’re wrong. The Regulation treats charities in much the same way as any organisation, because although they’re not using personal data to make a profit, they still run the risk of data breaches and privacy violations.

GDPR

GDPR Compliance Personal data Risk

New course dates for GDPR training in Edinburgh and Glasgow

IT Governance

MAY 3, 2018

Although the EU General Data Protection Regulation (GDPR) deadline is only three weeks away, many organisations are still struggling to fill the cyber security skills gap and ensure that they are compliant. The courses are also available in Live Online and distance learning formats for those who can’t get to a classroom. The DPO role.

GDPR

GDPR Personal data Compliance Data breaches

CNIL Publishes Six Step Methodology and Tools to Prepare for GDPR

Hunton Privacy

MARCH 17, 2017

On March 15, 2017, the French data protection authority (the “CNIL”) published a six step methodology and tools for businesses to prepare for the EU General Data Protection Regulation (“GDPR”) that will become applicable on May 25, 2018. This will allow them to be one step ahead and better organized to comply with the upcoming GDPR.

GDPR

GDPR Personal data Compliance Privacy

Belgian Privacy Commission Issues Priorities and Thematic Dossier to Prepare for GDPR

Hunton Privacy

SEPTEMBER 21, 2016

On September 16, 2016, the Belgian Data Protection Authority (the “Privacy Commission”) published a 13-step guidance document (in French and Dutch ) to help organizations prepare for the EU General Data Protection Regulation (“GDPR”). The 13 steps recommended by the Privacy Commission are summarized below. Privacy Notice.

GDPR

GDPR Privacy Personal data Data breaches

California Enacts Broad Privacy Protections Modeled on GDPR

Data Matters

JUNE 29, 2018

Jerry Brown signed into law the California Consumer Privacy Act of 2018 (AB 375). This legislation was enacted on an extraordinarily accelerated timeframe as part of compromise with the sponsor of a comparable privacy ballot initiative, which had qualified to be placed before state voters on Election Day in November 2018.

GDPR

GDPR Privacy Sales Data breaches

Australia Privacy Act review – a blueprint for change?

DLA Piper Privacy Matters

FEBRUARY 20, 2023

Authors: Sarah Birkett , Nicholas Boyle The Australian Attorney-General has published the (long-awaited) results of the Privacy Act review. The report recommends a number of changes to the Australian privacy framework, including various changes to Australia’s core privacy legislation, the Privacy Act 1988 (Cth).

Privacy

Privacy Data breaches Marketing Government

California Consumer Privacy Act: The Challenge Ahead – A Comparison of 10 Key Aspects of The GDPR and The CCPA

HL Chronicle of Data Protection

OCTOBER 3, 2018

This is the fifth installment in Hogan Lovells’ series on the California Consumer Privacy Act. . As the most comprehensive privacy law to be enacted in the United States thus far, the California Consumer Privacy Act (CCPA) has inevitably invited comparisons to the European Union’s General Data Protection Regulation (GDPR).

GDPR

GDPR Privacy Personal data Sales

France: The CNIL publishes a practical guide on Data Protection Officers

DLA Piper Privacy Matters

NOVEMBER 29, 2021

The guide is in line with the Article 29 Working Party Guidelines on Data Protection Officers (WP 243 rev 01) , but provides additional insights and practical guidance to organizations that designate a DPO in respect of GDPR and French data protection act requirements. Be the point of contact on GDPR issues. ii) Status of the DPO.

GDPR

GDPR Compliance Personal data Communications

How Companies Need to Treat User Data and Manage Their Partners

Security Affairs

MAY 12, 2021

After the introduction of CCPA and GDPR, much more attention is given to third-party risks, and the privacy terms and conditions users agree to. Global privacy regulations, such as the CCPA and GDPR, were enacted to ensure stricter standards when handling the personal data of consumers. Vendor Assessment Process.

GDPR

GDPR Privacy Personal data Data breaches

ITALY: the Garante aligns with CNIL and DSB holding that the use of Google Analytics leads to unlawful transfer of Personal Data

DLA Piper Privacy Matters

JUNE 27, 2022

The Italian privacy authority, the Garante, deemed that the use of Google Analytics results in unlawful transfers of personal data to the United States in violation of the principles outlined in the Schrems II ruling. In Order No. In Order No.

Personal data

Personal data Analytics GDPR Privacy

Insights about the first five years of Right to be Forgotten requests at Google

Elie

DECEMBER 12, 2019

This ruling establishes a right to privacy, whereby individuals can request that search engines delist URLs across the Internet that contain “inaccurate, inadequate, irrelevant or excessive” information uncovered by queries containing the name of the requester. Right to be Forgotten” (RTBF). transparency report. What is the RTBF used for?

Privacy

Privacy Paper Government GDPR

Building cyber security careers

IT Governance

OCTOBER 21, 2021

Information security is a broader category that protects all information assets, whether in hard copy or digital form. With the continued risk posed by COVID-19, we are committed to delivering our instructor-led courses in our unique Live Online format or COVID-secure classrooms. Structured learning paths.

Security

Security Information Security GDPR Data Privacy

Connecticut Strengthens Data Breach Notification Requirements and the Uniform Law Commission Approves and Recommends Comprehensive and Uniform State Privacy Legislation

Data Matters

AUGUST 9, 2021

In recent weeks, Connecticut passed An Act Concerning Data Privacy Breaches (“The Act”), and the Uniform Law Commission approved and recommended the Uniform Personal Data Protection Act (“UPDPA”). Connecticut: An Act Concerning Data Privacy Breaches.

Data breaches

Data breaches Privacy Personal data Data Privacy

Europe: New guidelines on the application and setting of fines under GDPR

DLA Piper Privacy Matters

NOVEMBER 7, 2017

Less than 6 months remain for individuals and companies to get ready for the breakthrough regulation in personal data protection envisaged by the Regulation 2016/679 of 27 April 2016 [1] (furthermore as “ GDPR “). That provides a fair overview on how should the potential fine be calculated.

GDPR

GDPR Personal data Privacy Government

California Consumer Privacy Act: The Challenge Ahead – A Comparison of 10 Key Aspects of The GDPR and The CCPA

HL Chronicle of Data Protection

OCTOBER 3, 2018

This is the fifth installment in Hogan Lovells’ series on the California Consumer Privacy Act. . As the most comprehensive privacy law to be enacted in the United States thus far, the California Consumer Privacy Act (CCPA) has inevitably invited comparisons to the European Union’s General Data Protection Regulation (GDPR).

GDPR

GDPR Privacy Personal data Sales

California Consumer Privacy Act: The Challenge Ahead – A Comparison of 10 Key Aspects of The GDPR and The CCPA

HL Chronicle of Data Protection

OCTOBER 3, 2018

This is the fifth installment in Hogan Lovells’ series on the California Consumer Privacy Act. . As the most comprehensive privacy law to be enacted in the United States thus far, the California Consumer Privacy Act (CCPA) has inevitably invited comparisons to the European Union’s General Data Protection Regulation (GDPR).

GDPR

GDPR Privacy Personal data Sales

UK’s Draft GDPR Implementation Law: The Starting Point

HL Chronicle of Data Protection

SEPTEMBER 27, 2017

Ensuring that the GDPR, as implemented by the bill, will continue to apply to the U.K. Data Protection Act 1998, the bill replicates much of the content of the 1998 Act, particularly in relation to derogations and exemptions from the GDPR. First and foremost, the bill applies the GDPR to U.K. after Brexit. domestic law.

GDPR

GDPR Personal data Government Privacy

EUROPE: Domain names and WHOIS information in a post-GDPR world (gTLDs update)

DLA Piper Privacy Matters

JUNE 29, 2018

With the General Data Protection Regulation (GDPR) having taken effect across the EU on 25 May 2018, this has meant a big change to the availability of WHOIS data (ie data recording – among other things – the persons who own domain names). By Claire Sng (Senior Associate, London) and John Wilks (Partner, London).

GDPR

GDPR Personal data Access Compliance

Why every librarian needs to be involved in shaping your AI Policy

CILIP

FEBRUARY 1, 2024

Specifically, the ICO states that General Data Protection Regulations (GDPR) create specific requirements around the provision of information about and the explanation of AI-assisted decisions. As a result, many organisations are operating with a significant degree of risk in the impact of AI on their compliance with GDPR.

Artificial Intelligence

Artificial Intelligence Libraries GDPR Risk

UK Information Commissioner’s Office Publishes Final Guidance On Employee Monitoring

Data Protection Report

OCTOBER 12, 2023

Where looking to deploy monitoring of remote workers in their homes, employers should take into account that workers have a greater expectation of privacy at home than in the office. The ICO highlights, by way of example, its view that using systems to monitor the content of emails will require the processing of special category data.

GDPR

GDPR Mining Risk Privacy

CIPL and its GDPR Project Stakeholders Discuss DPOs and Risk under GDPR

Hunton Privacy

OCTOBER 5, 2016

In September, the Centre for Information Policy Leadership (“CIPL”) held its second GDPR Workshop in Paris as part of its two-year GDPR Implementation Project. There was a sense of shared responsibility for the successful and timely implementation of the GDPR between industry, DPAs, national governments and the EU Commission.

GDPR

GDPR Risk IT Compliance

GDPR is upon us: are you ready for what comes next?

Data Protection Report

MAY 23, 2018

The wait is finally over—this Friday the European Union General Data Protection Regulation (GDPR) will come into force. However, the challenges of GDPR certainly don’t end on the date this law goes into implementation. Many of our clients ask us when and how they may be called upon to demonstrate compliance with the GDPR.

GDPR

GDPR Personal data Compliance Data breaches

ICO Publishes Guidance on Consent under the EU GDPR

Hunton Privacy

MARCH 16, 2017

On March 2, 2017, the UK Information Commissioner’s Office (“ICO”) published draft guidance regarding the consent requirements of the EU General Data Protection Regulation (“GDPR”). The guidance sets forth how the ICO interprets the GDPR’s consent requirements, and its recommended approach to compliance and good practice.

GDPR

GDPR Compliance Privacy Risk

CIPL Responds to ICO Draft Code of Practice for Age Appropriate Design

Hunton Privacy

JUNE 11, 2019

On May 31, 2019, the Centre for Information Policy Leadership (“CIPL”) at Hunton Andrews Kurth LLP submitted comments to the UK Information Commissioner’s Office (the “ICO”) public consultation on its draft code of practice for age appropriate design for online services (the “Code”).

Personal data

Personal data Privacy Paper GDPR

China Releases Draft Regulations on Network Data Security Management

Hunton Privacy

JANUARY 26, 2022

The definition of “data handler” under the Draft Regulations is similar to that of “data controller” in other privacy laws, such as the EU General Data Protection Regulation (“GDPR”). Data Handler and Entrusted Party. The Draft Regulations clarify the conditions that trigger a cybersecurity review required by the CSL.

Security

Security Data breaches Personal data Cybersecurity

Security Outlook 2023: Cyber Warfare Expands Threats

eSecurity Planet

JANUARY 5, 2023

“In 2022, governments fought wars online, businesses were affected by multiple ransomware gangs, and regular users’ data was constantly on hackers’ radars,” said NordVPN CTO Marijus Briedis. From a user perspective, this is great news, as it results in more online privacy. federal privacy statute.

Security

Security Ransomware Cybersecurity Privacy

ICO Warns of Increased Focus on Adtech

Hunton Privacy

JULY 1, 2019

The report focuses on whether and how organizations in the adtech sector can comply with the EU General Data Protection Regulation (“GDPR”) and the UK’s implementation of the e-Privacy Directive, known as the Privacy and Electronic Communications Regulations (“PECR”).

GDPR

GDPR Personal data Privacy Communications

BELGIUM: Belgian DPA reveals its strategy for the next 5 years.

DLA Piper Privacy Matters

FEBRUARY 11, 2020

It will focus its attention on specific industry sectors as well as on specific GDPR topics and societal themes. The DPA will be especially focussing on enhancing GDPR compliance in the following industry sectors: Telecom and media sector , due to the large amount of data they process. 3 GDPR TOPICS OF PARTICULAR ATTENTION.

IT

IT GDPR Compliance Personal data

Automated Security and Compliance Attracts Venture Investors

eSecurity Planet

FEBRUARY 14, 2023

The vision was to automate security and compliance across 14 frameworks, including SOC 2, ISO 27001, HIPAA and GDPR. The growing number of data privacy regulations has raised the potential consequences of cybersecurity breaches, spurring demand for GRC (governance, risk, and compliance) software. Growth has definitely been robust.

Compliance

Compliance Security Cybersecurity Marketing

Examples of data processing activities that require a DPIA

IT Governance

JUNE 19, 2019

The GDPR (General Data Protection Regulation) requires organisations to conduct a DPIA (data protection impact assessment) whenever processing is ‘likely to result in a high risk’ to the rights and freedoms of individuals. Damage : the effects on the individual if a data breach or privacy violation occurs. Online services.

GDPR

GDPR Personal data Risk Data breaches

Why every organisation needs data protection impact assessments

IT Governance

NOVEMBER 23, 2018

They are a useful accountability tool: the results of a DPIA will help you demonstrate that you have taken the appropriate technical and organisational measures required by the GDPR (General Data Protection Regulation). Data controllers are responsible for conducting DPIAs as required by Article 35 of the GDPR.

GDPR

GDPR Personal data Risk Marketing

UK ICO Releases Draft Direct Marketing Code of Practice for Public Consultation

Data Matters

FEBRUARY 10, 2020

The Draft Code is intended to update existing guidance published pre-GDPR and provide clarity on certain important issues. Lawful basis for direct marketing: The two lawful bases for direct marketing under the GDPR are consent and legitimate interests. a message informing a user they are approaching their monthly data limit).

Marketing

Marketing GDPR Personal data Communications

ICO’s McDougall Warns Adtech Sector that Change Is Needed

Hunton Privacy

JULY 11, 2019

Although McDougall pointed to various areas of the industry that are causing the regulator concern, he stated that the ICO’s focus in the short-term is primarily on the use of special category (also known as sensitive) data processed as part of real-time bidding, such as race, religion and mental health. This is simple stuff.”.

GDPR

GDPR Marketing Personal data Compliance

How to implement the General Data Protection Regulation (GDPR)

GDPR for small business: the ultimate guide

Webinars

Trending Sources

GUEST ESSAY: A breakout of how Google, Facebook, Instagram enable third-party snooping

Webinars

Security Compliance & Data Privacy Regulations

Key steps to GDPR compliance – Part 3

Key Steps to GDPR Compliance – Part 2

Flurry of activity in the Privacy Act review, including tougher penalties and new online privacy framework

GDPR Training in Belfast – save 10%

Why risk assessments are essential for GDPR compliance

GDPR – The Year in Review

California Enacts Broad Privacy Laws Modeled on GDPR

What UK charities need to know about GDPR compliance

New course dates for GDPR training in Edinburgh and Glasgow

CNIL Publishes Six Step Methodology and Tools to Prepare for GDPR

Belgian Privacy Commission Issues Priorities and Thematic Dossier to Prepare for GDPR

California Enacts Broad Privacy Protections Modeled on GDPR

Australia Privacy Act review – a blueprint for change?

California Consumer Privacy Act: The Challenge Ahead – A Comparison of 10 Key Aspects of The GDPR and The CCPA

France: The CNIL publishes a practical guide on Data Protection Officers

How Companies Need to Treat User Data and Manage Their Partners

ITALY: the Garante aligns with CNIL and DSB holding that the use of Google Analytics leads to unlawful transfer of Personal Data

Insights about the first five years of Right to be Forgotten requests at Google

Building cyber security careers

Connecticut Strengthens Data Breach Notification Requirements and the Uniform Law Commission Approves and Recommends Comprehensive and Uniform State Privacy Legislation

Europe: New guidelines on the application and setting of fines under GDPR

California Consumer Privacy Act: The Challenge Ahead – A Comparison of 10 Key Aspects of The GDPR and The CCPA

California Consumer Privacy Act: The Challenge Ahead – A Comparison of 10 Key Aspects of The GDPR and The CCPA

UK’s Draft GDPR Implementation Law: The Starting Point

EUROPE: Domain names and WHOIS information in a post-GDPR world (gTLDs update)

Why every librarian needs to be involved in shaping your AI Policy

UK Information Commissioner’s Office Publishes Final Guidance On Employee Monitoring

CIPL and its GDPR Project Stakeholders Discuss DPOs and Risk under GDPR

GDPR is upon us: are you ready for what comes next?

ICO Publishes Guidance on Consent under the EU GDPR

CIPL Responds to ICO Draft Code of Practice for Age Appropriate Design

China Releases Draft Regulations on Network Data Security Management

Security Outlook 2023: Cyber Warfare Expands Threats

ICO Warns of Increased Focus on Adtech

BELGIUM: Belgian DPA reveals its strategy for the next 5 years.

Automated Security and Compliance Attracts Venture Investors

Examples of data processing activities that require a DPIA

Why every organisation needs data protection impact assessments

UK ICO Releases Draft Direct Marketing Code of Practice for Public Consultation

ICO’s McDougall Warns Adtech Sector that Change Is Needed

Stay Connected