GDPR - Information Management Today

GDPR compliance checklist

IBM Big Data Hub

JANUARY 22, 2024

The General Data Protection Regulation (GDPR) is a European Union (EU) law that governs how organizations collect and use personal data. Any company operating in the EU or handling EU residents’ data must adhere to GDPR requirements. However, GDPR compliance is not necessarily a straightforward matter.

GDPR

GDPR Compliance Personal data Privacy

How to implement the General Data Protection Regulation (GDPR)

IBM Big Data Hub

FEBRUARY 23, 2024

The General Data Protection Regulation (GDPR), the European Union’s landmark data privacy law, took effect in 2018. Even the world’s biggest businesses are not free from GDPR woes. Many businesses find it hard to implement GDPR requirements because the law is not only complex but also leaves a lot up to discretion.

GDPR

GDPR Compliance Personal data Privacy

How to Comply with GDPR, PIPL, and CCPA

eSecurity Planet

DECEMBER 22, 2021

But in order for businesses to maintain compliance with major privacy laws , they have to have security measures in place before an attack. The regulations from GDPR, PIPL, and CCPA are especially prevalent to MSPs and software vendors because they get access to data from so many organizations, but all businesses need to comply with them.

GDPR

GDPR Compliance Data Privacy Privacy

Webinars

Generative AI Deep Dive: Advancing from Proof of Concept to Production

MORE WEBINARS

GDPR for small business: the ultimate guide

IT Governance

JULY 2, 2020

What is the GDPR? Second, organisations must implement security measures to protect personal data from being breached or misused, and they must disclose any security incidents involving this data. First, the UK has implemented the UK DPA (Data Protection Act) 2018 , which adopts the GDPR into national law.

GDPR

GDPR Personal data Data breaches Compliance

IRELAND: First GDPR fine issued in Ireland

DLA Piper Privacy Matters

MAY 19, 2020

Tusla, Ireland’s child and family agency, has become the first organisation fined under the GDPR in Ireland. In its 2019 Annual Report, the DPC reported three separate statutory inquiries into Tusla in respect of a number of breaches which had been reported to it since May 2018.

GDPR

GDPR Personal data Government Paper

Google fined £44 million in landmark GDPR ruling

IT Governance

JANUARY 21, 2019

Google has been fined €50 million (about £44 million) by CNIL, France’s data protection regulator, for a breach of the EU GDPR (General Data Protection Regulation). . It’s by far the biggest fine related to the GDPR, which took effect in May 2018 and gave regulatory bodies much stronger disciplinary powers. .

GDPR

GDPR Access Government IT

ITALY: First GDPR fine issued!

DLA Piper Privacy Matters

MAY 8, 2019

The first GDPR fine was issued in Italy by the Garante for the lack of implementation of privacy security measures following a data breach on the so-called Rousseau platform operating the websites of the Movimento 5 Stelle party. The lack of privacy-related security measures challenged.

GDPR

GDPR Systems administration Privacy Data breaches

Guest Post - Three Critical Steps for GDPR Compliance

AIIM

JANUARY 17, 2018

You might also be interested in: Mitigate Data Privacy and Security Risks with Machine Learning. The Privacy and Security Dichotomy. GDPR and Cross Border Data Flows between the EU and the US: Current State of the Law. What Do the GDPR and new Privacy Laws Mean for U.S. GDPR Compliance Starts with Data Discovery.

GDPR

GDPR Compliance Data collection Privacy

UK: First-Tier Tribunal considers first fine imposed by the ICO under the GDPR and slashes the amount by two thirds

DLA Piper Privacy Matters

AUGUST 19, 2021

On 17 December 2019, the ICO issued the first administrative fine under the GDPR (known as a monetary penalty notice in the UK), alongside an Enforcement Notice, against Doorstep Disparensee Limited (“ DDL ”). Some of these contained personal data and special category (health) data.

GDPR

GDPR Personal data Compliance Risk

Security Compliance & Data Privacy Regulations

eSecurity Planet

AUGUST 9, 2022

Regulatory compliance and data privacy issues have long been an IT security nightmare. And since the EU’s General Data Protection Regulation (GDPR) took effect May 25, 2018, IT compliance issues have been at the forefront of corporate concerns. GDPR-style data privacy laws came to the U.S. PIPL Raises the Bar – And the Stakes.

Data Privacy

Data Privacy Compliance Privacy Security

EDPB Publishes Guidelines on the Concepts of Controller and Processor in the GDPR

Hunton Privacy

SEPTEMBER 10, 2020

On September 7, 2020, the European Data Protection Board (“EDPB”) released draft Guidelines 07/2020 on the concepts of controller and processor in the EU General Data Protection Regulation (“GDPR”) (the “Guidelines”). However, the GDPR has introduced new obligations on those actors.

GDPR

GDPR Personal data Data breaches Compliance

What Is Data Minimisation? Definition & Examples

IT Governance

APRIL 18, 2023

Data minimisation is a key part of information security and the GDPR (General Data Protection Regulation) in particular. Its principles are at the heart of effective data protection practices, and are intended to prevent privacy breaches and minimise the damage when security incidents occur. What is data minimisation?

GDPR

GDPR Personal data Data breaches Marketing

Doorstep Dispensaree becomes the first UK organisation to receive a GDPR fine

IT Governance

DECEMBER 24, 2019

Doorstep Dispensaree has been fined £275,000 for failing to comply with the GDPR (General Data Protection Regulation) , making it the first organisation in the UK to be penalised for breaching its requirements. Haven’t there already been GDPR fines in the UK? What went wrong?

GDPR

GDPR Personal data Government Access

Key steps to GDPR compliance – Part 3

IT Governance

DECEMBER 20, 2017

There are less than six months to go until the General Data Protection Regulation (GDPR) comes into effect, but some businesses are not even thinking about it yet, or are only just starting to. Data subject access requests, incident reporting and data breach reporting will all need written processes, too. 8) Communications strategy.

GDPR

GDPR Compliance Data breaches Information Security

Germany: Bonn Regional Court overrules GDPR Fining Guidelines by German Data Protection Authorities

DLA Piper Privacy Matters

NOVEMBER 24, 2020

Background: How to calculate GDPR fines? How to properly calculate administrative fines for non-compliance with the EU General Data Protection Regulation (‘ GDPR ’) is one of the most important questions when applying the GDPR on practical level, e.g. : What is actually meant by the reference to “undertaking” in Article 83 (4) to (6) GDPR?

GDPR

GDPR Authentication Compliance Personal data

CCTV and the GDPR – an overview for small businesses

IT Governance

JULY 25, 2018

As of 25 May 2018, organisations that use CCTV to capture images of individuals are processing personal data as defined by the GDPR (General Data Protection Regulation) and must comply with the Regulation’s requirements. You can find more information about GDPR compliance on our website >> Data processing principles (Article 5).

GDPR

GDPR Personal data Privacy Access

GDPR Compliance Obligations: The relationship between Data Controllers and Third-Party Processors

AIIM

JULY 24, 2018

You might also be interested in: The Re-Permissioning Dilemma Under GDPR. Data Privacy and Open Data: Secondary Uses under GDPR. Three Critical Steps for GDPR Compliance. Mitigate Data Privacy and Security Risks with Machine Learning. The Privacy and Security Dichotomy. GDPR Compliance Starts with Data Discovery.

GDPR

GDPR Compliance Privacy Data Privacy

How the CCPA and GDPR Are Different

KnowBe4

SEPTEMBER 10, 2019

The California Consumer Privacy Act (CCPA) was introduced just a month after the European Union instituted the General Data Protection Regulation (GDPR), earning the CCPA the nickname of “California’s GDPR.”. While the GDPR has been in effect since May of 2018, the CCPA is on track to become effective on January 1, 2020.

GDPR

GDPR Privacy Personal data Passwords

Why risk assessments are essential for GDPR compliance

IT Governance

OCTOBER 15, 2019

Any organisation that’s required to comply with the GDPR (General Data Protection Regulation) must conduct regular risk assessments. However, the GDPR is clear that data is also vulnerable to accidental or unlawful destruction, loss or disclosure. The GDPR risk assessment methodology. Get started with vsRisk.

GDPR

GDPR Risk Compliance Personal data

How to comply with Article 30 of the GDPR

IT Governance

JUNE 21, 2018

Article 30 of the EU General Data Protection Regulation (GDPR) sets out what exactly organisations need to document in order to comply with the Regulation. One key part of this record-keeping activity is to document the category of individuals (employees, customers, etc.) Where to begin with a data flow map? Formats (e.g.

GDPR

GDPR Personal data Risk Cloud

Dutch Data Protection Authority Sets GDPR Fines Structure

HL Chronicle of Data Protection

MARCH 20, 2019

On 14 March 2019, the Dutch data protection authority ( Autoriteit Persoonsgegevens , DPA) announced (in Dutch) its fining structure for violations of the European General Data Protection Regulation (GDPR) and the Dutch law implementing the GDPR (Implementation Act). To view the proposal, click here.

GDPR

GDPR Data breaches Personal data IT

What UK charities need to know about GDPR compliance

IT Governance

AUGUST 2, 2019

If you think that charities might be shown lenience under the GDPR (General Data Protection Regulation) , you’re wrong. The Regulation treats charities in much the same way as any organisation, because although they’re not using personal data to make a profit, they still run the risk of data breaches and privacy violations.

GDPR

GDPR Compliance Personal data Risk

New Dubai International Financial Centre Data Protection Law Comes into Effect

Hunton Privacy

JULY 9, 2020

The New DP Law reflects many aspects of the EU’s General Data Protection Regulation (the “GDPR”), including: Accountability Requirements: Controllers are required to put in place programs demonstrating compliance with the New DP Law, similar to the GDPR’s accountability requirements.

Personal data

Personal data GDPR Data breaches Compliance

HMRC forced to delete 5 million voice records after GDPR gaffe

IT Governance

MAY 9, 2019

HMRC (HM Revenue and Customs) has been told to delete more than five million people’s voice records after it was discovered that the way the information was collected breached the GDPR (General Data Protection Regulation). This breaches the GDPR’s requirements that consent be given explicitly and freely.

GDPR

GDPR Personal data Education Passwords

GUEST ESSAY: A breakout of how Google, Facebook, Instagram enable third-party snooping

The Last Watchdog

OCTOBER 17, 2022

Among the app categories, shopping, business, and food & drink were found to be sharing the most user data. So it’s best to think twice before downloading an app from one of these categories, especially if it’s free and/or popular. The term itself implies a level of privacy and security that may be misleading. Bottom line.

Privacy

Privacy Data Privacy Personal data Data collection

GDPR Training in Belfast – save 10%

IT Governance

DECEMBER 18, 2017

Many organisations are struggling to fill a skills gap created by the EU General Data Protection Regulation (GDPR) and need staff with knowledge of the Regulation. IT Governance runs two levels of GDPR training courses across the UK to train staff on the Regulation, giving them the knowledge required to manage a GDPR compliance project.

GDPR

GDPR Personal data Compliance Data breaches

German DSK Issues GDPR Fining Methodology Guidelines

Data Matters

DECEMBER 9, 2019

Recently, the Association of German Data Protection Authorities (“ Datenschutzkonferenz ” or “DSK”) issued guidelines setting a GDPR fining methodology (“Fining Methodology”). GDPR enforcement across the EU has picked up over the past year. 5-Step Process. This daily amount will ultimately serve as the basis of the fine.

GDPR

GDPR Personal data Privacy Manufacturing

German DSK Issues GDPR Fining Methodology Guidelines

Data Matters

DECEMBER 9, 2019

Recently, the Association of German Data Protection Authorities (“ Datenschutzkonferenz ” or “DSK”) issued guidelines setting a GDPR fining methodology (“Fining Methodology”). GDPR enforcement across the EU has picked up over the past year. 5-Step Process. This daily amount will ultimately serve as the basis of the fine.

GDPR

GDPR Personal data Privacy Manufacturing

Everything you need to know about DPOs under the GDPR

IT Governance

FEBRUARY 8, 2019

We recently claimed that DPOs (data protection officers) are “ the key to data breach response ”, but you could argue that they are the key to GDPR (General Data Protection Regulation) compliance in general. Article 39 of the GDPR. Processes special categories of data on a large scale. Need more GDPR help?

GDPR

GDPR Personal data Privacy Compliance

GDPR – The Year in Review

HL Chronicle of Data Protection

MAY 29, 2019

Following the one-year anniversary of the coming into effect of the GDPR, Hogan Lovells’ Privacy and Cybersecurity practice has prepared summaries of key GDPR-related developments of the past 12 months. The summaries cover regulatory guidance, enforcement actions, court proceedings, and various reports and materials.

GDPR

GDPR Personal data Privacy Information architecture

New course dates for GDPR training in Edinburgh and Glasgow

IT Governance

MAY 3, 2018

Although the EU General Data Protection Regulation (GDPR) deadline is only three weeks away, many organisations are still struggling to fill the cyber security skills gap and ensure that they are compliant. Certified EU GDPR Foundation Training Course. Essential GDPR background and terminology. Securing personal data.

GDPR

GDPR Personal data Compliance Data breaches

GDPR – the facts and what it means for the retail sector

IT Governance

JUNE 25, 2018

We all know by now that, on 25 May 2018, the General Data Protection Regulation (GDPR) came into effect. The GDPR is not an IT issue. Despite the benefits of good data management, it was widely acknowledged that many organisations would not be GDPR-compliant on 25 May. GDPR c ompliance is not a choice .

Retail

Retail GDPR IT Compliance

When are schools required to report personal data breaches?

IT Governance

NOVEMBER 17, 2020

Under the GDPR (General Data Protection Regulation) , all personal data breaches must be recorded by the organisation and there should be a clear and defined process for doing so. In this blog, we take a look at the scenarios in which data protection breaches in schools must be reported. What constitutes a personal data breach.

Personal data

Personal data Data breaches Data collection GDPR

China Releases Draft Regulations on Network Data Security Management

Hunton Privacy

JANUARY 26, 2022

On November 14, 2021, the Cyberspace Administration of China (“CAC”) released for public comment its draft Regulations on Network Data Security Management (the “Draft Regulations”). Data Breach. If the data handler is unable to notify affected individuals directly, it may publish public notice of the breach.

Security

Security Data breaches Personal data Cybersecurity

CNIL Publishes Six Step Methodology and Tools to Prepare for GDPR

Hunton Privacy

MARCH 17, 2017

On March 15, 2017, the French data protection authority (the “CNIL”) published a six step methodology and tools for businesses to prepare for the EU General Data Protection Regulation (“GDPR”) that will become applicable on May 25, 2018. This will allow them to be one step ahead and better organized to comply with the upcoming GDPR.

GDPR

GDPR Personal data Compliance Privacy

California Enacts Broad Privacy Laws Modeled on GDPR

Data Matters

JUNE 29, 2018

According to the bill’s author, it was consciously designed to emulate the new European General Data Protection Regulation (GDPR) that went into effect on May 25, and if and when it goes into effect, it would constitute the broadest privacy law in the United States. Specific categories defined as personal information include.

GDPR

GDPR Privacy Sales Data breaches

UK Information Commissioner’s Office Fines Construction Company £4.4 Million for Breach of Security Obligations

Hunton Privacy

OCTOBER 25, 2022

million fine to Interserve Group Limited for failing to keep employee personal data secure, which violates Article 5(1)(f) and Article 32 of the EU General Data Protection Regulation (“GDPR”), during the period of March 2019 to December 2020. On October 24, 2022, the UK Information Commissioner’s Office (“ICO”) issued a £4.4

Security

Security Personal data GDPR Insurance

How long do you have to report a data breach?

IT Governance

DECEMBER 13, 2018

The first 72 hours after you become aware of a data breach are critical. This is the deadline given to you under the EU GDPR (General Data Protection Regulation) to report information security incidents to your supervisory authority. Not all breaches need to be reported. How to report data breaches.

Data breaches

Data breaches GDPR Personal data Compliance

How long do you have to report a data breach?

IT Governance

OCTOBER 24, 2018

The first 72 hours after you become aware of a data breach are critical. This is the deadline given to you under the EU GDPR (General Data Protection Regulation) to report information security incidents to your supervisory authority. Not all breaches need to be reported. How to report data breaches.

Data breaches

Data breaches GDPR Compliance Personal data

6 tools to help you prevent and respond to data breaches

IT Governance

JANUARY 1, 2019

There are few things organisations fear more than data breaches. The stakes were raised with the enforcement of the EU GDPR (General Data Protection Regulation) in May 2018. It demands adequate security measures and has been widely publicised, as it has the potential to levy large fines against non-compliant organisations.

Data breaches

Data breaches GDPR Information Security Risk

ITALY: Data Protection law integrating the GDPR in place

DLA Piper Privacy Matters

SEPTEMBER 10, 2018

Italian privacy law integrating the GDPR is finally in place, but a number of provisions remain unclear, but need immediate action. The Italian Privacy Code changes after the GDPR. The result is a very confusing text which inevitably cannot be 100% aligned to the GDPR and might contain mistakes.

GDPR

GDPR Privacy Compliance Marketing

Belgian Privacy Commission Issues Priorities and Thematic Dossier to Prepare for GDPR

Hunton Privacy

SEPTEMBER 21, 2016

On September 16, 2016, the Belgian Data Protection Authority (the “Privacy Commission”) published a 13-step guidance document (in French and Dutch ) to help organizations prepare for the EU General Data Protection Regulation (“GDPR”). Review existing privacy notices and update them to comply with the GDPR. Data Breach.

GDPR

GDPR Privacy Personal data Data breaches

UK: Liability Limits for GDPR in commercial contracts – the law and recent trends

DLA Piper Privacy Matters

FEBRUARY 7, 2019

Given the potential financial exposure under GDPR, it is no surprise that a great deal of time is being spent working out how to allocate the risk and liability when negotiating commercial contracts. Before we look at limiting liability, we need to first consider how liability can arise in the first place in the context of GDPR.

GDPR

GDPR Risk Data breaches Personal data

California Enacts Broad Privacy Protections Modeled on GDPR

Data Matters

JUNE 29, 2018

According to the bill’s author, it was consciously designed to emulate the new European General Data Protection Regulation (GDPR) that went into effect on May 25, and if and when it goes into effect, it would constitute the broadest privacy law in the United States. Specific categories defined as personal information include.

GDPR

GDPR Privacy Sales Data breaches

GDPR compliance checklist

How to implement the General Data Protection Regulation (GDPR)

Webinars

Trending Sources

How to Comply with GDPR, PIPL, and CCPA

Webinars

GDPR for small business: the ultimate guide

IRELAND: First GDPR fine issued in Ireland

Google fined £44 million in landmark GDPR ruling

ITALY: First GDPR fine issued!

Guest Post - Three Critical Steps for GDPR Compliance

UK: First-Tier Tribunal considers first fine imposed by the ICO under the GDPR and slashes the amount by two thirds

Security Compliance & Data Privacy Regulations

EDPB Publishes Guidelines on the Concepts of Controller and Processor in the GDPR

What Is Data Minimisation? Definition & Examples

Doorstep Dispensaree becomes the first UK organisation to receive a GDPR fine

Key steps to GDPR compliance – Part 3

Germany: Bonn Regional Court overrules GDPR Fining Guidelines by German Data Protection Authorities

CCTV and the GDPR – an overview for small businesses

GDPR Compliance Obligations: The relationship between Data Controllers and Third-Party Processors

How the CCPA and GDPR Are Different

Why risk assessments are essential for GDPR compliance

How to comply with Article 30 of the GDPR

Dutch Data Protection Authority Sets GDPR Fines Structure

What UK charities need to know about GDPR compliance

New Dubai International Financial Centre Data Protection Law Comes into Effect

HMRC forced to delete 5 million voice records after GDPR gaffe

GUEST ESSAY: A breakout of how Google, Facebook, Instagram enable third-party snooping

GDPR Training in Belfast – save 10%

German DSK Issues GDPR Fining Methodology Guidelines

German DSK Issues GDPR Fining Methodology Guidelines

Everything you need to know about DPOs under the GDPR

GDPR – The Year in Review

New course dates for GDPR training in Edinburgh and Glasgow

GDPR – the facts and what it means for the retail sector

When are schools required to report personal data breaches?

China Releases Draft Regulations on Network Data Security Management

CNIL Publishes Six Step Methodology and Tools to Prepare for GDPR

California Enacts Broad Privacy Laws Modeled on GDPR

UK Information Commissioner’s Office Fines Construction Company £4.4 Million for Breach of Security Obligations

How long do you have to report a data breach?

How long do you have to report a data breach?

6 tools to help you prevent and respond to data breaches

ITALY: Data Protection law integrating the GDPR in place

Belgian Privacy Commission Issues Priorities and Thematic Dossier to Prepare for GDPR

UK: Liability Limits for GDPR in commercial contracts – the law and recent trends

California Enacts Broad Privacy Protections Modeled on GDPR

Stay Connected