GDPR and Security - Information Management Today

GDPR compliance checklist

IBM Big Data Hub

JANUARY 22, 2024

The General Data Protection Regulation (GDPR) is a European Union (EU) law that governs how organizations collect and use personal data. Any company operating in the EU or handling EU residents’ data must adhere to GDPR requirements. However, GDPR compliance is not necessarily a straightforward matter.

GDPR

GDPR Compliance Personal data Privacy

Maintaining GDPR and Data Privacy Compliance in 2024

IT Governance

FEBRUARY 16, 2024

Expert tips from Alan Calder Alan is the Group CEO of GRC International Group PLC, the parent company of IT Governance, and is an acknowledged international security guru. In addition, 14 US states now have their own data privacy laws, and GDPR-like legislation has proliferated across the world.

Data Privacy

Data Privacy GDPR Compliance Privacy

How to implement the General Data Protection Regulation (GDPR)

IBM Big Data Hub

FEBRUARY 23, 2024

The General Data Protection Regulation (GDPR), the European Union’s landmark data privacy law, took effect in 2018. Even the world’s biggest businesses are not free from GDPR woes. Many businesses find it hard to implement GDPR requirements because the law is not only complex but also leaves a lot up to discretion.

GDPR

GDPR Compliance Personal data Privacy

Webinars

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

MORE WEBINARS

British Airways GDPR Lawsuit: The Potential Impact

Data Breach Today

JANUARY 19, 2021

A Substantial Settlement Could Build Data Security Momentum British Airways could face a substantial compensation payout as a result of an ongoing group lawsuit over its 2018 data breach, the first of its kind under GDPR.

GDPR

GDPR Insurance Data breaches Security

Analysis: The Significance of GDPR Fines

Data Breach Today

JULY 12, 2019

The latest edition of the ISMG Security Report analyzes the significance of fines against British Airways and Marriott for violations of the EU's GDPR. Also featured are discussions of California's privacy law as a model for other states and the next generation of deception technologies.

GDPR

GDPR Privacy Security

Cisco Studies Global Impact of GDPR

Data Breach Today

JANUARY 24, 2019

Cisco is out with findings from its 2019 Data Privacy Benchmark Study, which shows the impact of GDPR compliance as well as how customers are asking more questions about how their data is secured. Cisco Chief Privacy Officer Michelle Dennedy analyzes the survey.

GDPR

GDPR Data Privacy Compliance Privacy

WhatsApp fined €225M over GDPR issues

Security Affairs

SEPTEMBER 5, 2021

The instant messaging company violated the actual General Data Protection Regulation (GDPR). “The Data Protection Commission (DPC) has today announced a conclusion to a GDPR investigation it conducted into WhatsApp Ireland Ltd. The Irish agency is also asking the company to bring the data sharing in compliance with the GDPR.

GDPR

GDPR Compliance IT Security

Marriott Mega-Breach: Will GDPR Apply?

Data Breach Today

DECEMBER 3, 2018

With GDPR in full effect since May, organizations with data security practices face the potential of massive fines. Legal Experts Suspect So, But Investigation Could Take a Year or More Will Marriott be the first organization that lost control of Europeans' personal data to feel the full force of the EU's General Protection Regulation?

GDPR

GDPR Personal data Security

GDPR Data Security Checklist in the Age of COVID-19 and the Remote Workforce

Security Affairs

MAY 11, 2020

During COVID-19 outbreak data processors have to be extra vigilant to maintain their compliance with data protection authorities like GDPR. Now the data processors have to be extra vigilant to maintain their compliance with data protection authorities like GDPR. COVID-19 Remote Working – GDPR Data Security Checklist.

GDPR

GDPR Security Compliance Encryption

Changing Attitudes Towards GDPR Enforcement and Compliance: 2018 – 2023

IT Governance

MAY 25, 2023

billion fine for Meta – by far the biggest fine issued under the GDPR since it took effect five years ago – has been taken by many as a sign that the Regulation is at last beginning to be enforced with sufficient vigour. The GDPR was intended to address that – and at first, it seemed like it would. Monday’s €1.2

GDPR

GDPR Compliance Personal data Data Privacy

Under GDPR, UK Data Breach Reports Quadruple

Data Breach Today

MAY 29, 2019

After Privacy Law Went Into Full Effect, Data Security Complaints Doubled One year after Europe's tough new GDPR privacy law went into full effect last May, authorities in Britain have seen the number of annual data breach notifications more than quadruple.

Data breaches

Data breaches GDPR Privacy Security

The Reasons Behind Google's GDPR Fine

Data Breach Today

JANUARY 25, 2019

The latest edition of the ISMG Security Report features an analysis of why Google was one of the first companies to be hit with a major GDPR fine, plus a global update on GDPR compliance trends and an in-depth report on shifts in malware.

GDPR

GDPR Compliance Security

How to Comply with GDPR, PIPL, and CCPA

eSecurity Planet

DECEMBER 22, 2021

But in order for businesses to maintain compliance with major privacy laws , they have to have security measures in place before an attack. The regulations from GDPR, PIPL, and CCPA are especially prevalent to MSPs and software vendors because they get access to data from so many organizations, but all businesses need to comply with them.

GDPR

GDPR Compliance Data Privacy Privacy

CJEU Rules That Fear May Constitute Damage Under the GDPR

Hunton Privacy

DECEMBER 19, 2023

Natsionalna agentsia za prihodite (C‑340/21), in which it clarified, among other things, the concept of non-material damage under Article 82 of the EU General Data Protection Regulation (“GDPR”) and the rules governing burden of proof under the GDPR.

GDPR

GDPR Personal data Data breaches Risk

Marriott Faces $125 Million GDPR Fine Over Mega-Breach

Data Breach Today

JULY 9, 2019

Breach Persisted 4 Years - and Through Acquisition - Before Being Discovered Britain's privacy watchdog says it plans to fine hotel giant Marriott $125 million under GDPR for security failures tied to a 2014 breach of the guest reservation database for Starwood, which Marriott acquired in 2016.

GDPR

GDPR Privacy Security IT

Hamburg’s data protection agency (DPA) states that using Zoom violates GDPR

Security Affairs

AUGUST 18, 2021

The German state’s data protection agency (DPA) warns that the use of the videoconferencing platform Zoom violates the European Union’s GDPR. The German agency states that the use of Zoom by the public body violated the EU GDPR. The DPA is going to issue a formal warning, under Article 58 (2) (a) of the GDPR.

GDPR

GDPR Privacy Compliance Communications

The Irish DPC fined WhatsApp €5.5M for violating GDPR

Security Affairs

JANUARY 21, 2023

by the Irish Data Protection Commission (DPC) for violating the General Data Protection Regulation (GDPR). million (for breaches of the GDPR relating to its service).” million (for breaches of the GDPR relating to its service).” The Irish Data Protection Commission (DPC) fined Meta’s WhatsApp €5.5

GDPR

GDPR Metadata Encryption Communications

Discord Fined by French CNIL for GDPR Violations

Data Breach Today

NOVEMBER 17, 2022

Video Streamer Pays 800,000 Euros to Settle Probe of Privacy and Security Practices The French data protection authority fined Discord 800,000 euros for privacy and security practices that violate the General Data Protection Regulation.

GDPR

GDPR Personal data Privacy Security

Facebook Fined $276M under GDPR

Schneier on Security

NOVEMBER 30, 2022

Total GDPR fines are over €2 billion (EUR) since 2018. Facebook—Meta—was just fined $276 million (USD) for a data leak that included full names, birth dates, phone numbers, and location. Meta’s total fine by the Data Protection Commission is over $700 million.

GDPR

Dear BA and Marriott: Your GDPR Fines Are Important to Us

Data Breach Today

JULY 10, 2019

Privacy Regulator's Clear Security Message: Act Now to Avoid 'Disappointment' The data protection gloves have finally come off in Europe after GDPR enforcement began last May - the U.K.'s s privacy watchdog has proposed large post-breach sanctions against British Airways and Marriott.

GDPR

GDPR Personal data Privacy Security

Seven Data Security Challenges You Must Meet to Comply with GDPR

Thales Cloud Protection & Licensing

AUGUST 21, 2018

The enactment of the European Union’s General Data Protection Regulation (GDPR) is a significant milestone for virtually every international business. The following overview touches on some of the most critical elements that are required for GDPR compliance. Fine-Grained Access Control. Strong Key Management.

GDPR

GDPR Security Encryption Cloud

Securing Containers for GDPR Compliance

Thales Cloud Protection & Licensing

MARCH 1, 2018

Around the world, enterprises are anxious about May 25, 2018, the day enforcement begins for the European Union’s General Data Protection Regulation (GDPR). And, with potential fines of up to four percent of global revenues or 20 million EUR (whichever is higher), the GDPR has the attention of CEOs and Boards of Directors.

GDPR

GDPR Compliance Security Encryption

IT Governance Podcast 2.6.23: Capita, NHS, Meta, GDPR, DPDI Bill and Alan Calder on cyber regtech

IT Governance

JUNE 1, 2023

This week, we discuss more organisations affected by Capita’s security issues, the security implications of 20 NHS trusts’ use of Meta Pixel, Meta’s €1.2 billion GDPR fine and its potential effects for other organisations, and the progress of the DPDI (No. Also available on Spotify , Amazon Music , Apple Podcasts and SoundCloud.

GDPR

GDPR Government IT Compliance

Security Compliance & Data Privacy Regulations

eSecurity Planet

AUGUST 9, 2022

Regulatory compliance and data privacy issues have long been an IT security nightmare. And since the EU’s General Data Protection Regulation (GDPR) took effect May 25, 2018, IT compliance issues have been at the forefront of corporate concerns. GDPR-style data privacy laws came to the U.S. PIPL Raises the Bar – And the Stakes.

Data Privacy

Data Privacy Compliance Privacy Security

Organisations received £155 million in GDPR fines in 2020

IT Governance

MARCH 28, 2021

In 2020, organisations received €182 million (about £155 million) in fines for violating the GDPR (General Data Protection Regulation) , according to an IT Governance report. Our GDPR Fines Quarterly Report revealed that more than two thirds of that total – €110 million (£94 million) – came in the final quarter of the year.

GDPR

GDPR Personal data Government Compliance

GDPR for small business: the ultimate guide

IT Governance

JULY 2, 2020

What is the GDPR? Second, organisations must implement security measures to protect personal data from being breached or misused, and they must disclose any security incidents involving this data. First, the UK has implemented the UK DPA (Data Protection Act) 2018 , which adopts the GDPR into national law.

GDPR

GDPR Personal data Data breaches Compliance

GDPR Compliance Used as Phishing Lure

Data Breach Today

SEPTEMBER 25, 2020

The campaign enticed victims with subject lines indicating their email security system was not in compliance with the law, according to Area 1 Security. Campaign Designed to Steal Credentials A recently uncovered phishing campaign used the European Union's General Data Protection Regulation as a lure to steal login credentials.

Compliance

Compliance Phishing GDPR Security

GDPR compliance and information security: reducing data breach risks

IT Governance

MARCH 6, 2019

The GDPR (General Data Protection Regulation) isn’t only about preventing data breaches (it’s equally focused on strengthening data subjects’ rights), but organisations have understandably honed in on the importance of effective data protection. What the GDPR says about reducing risk. ISO 27001 and the GDPR.

Information Security

Information Security GDPR Data breaches Compliance

Meta Hit with £14 Million Fine for a Dozen GDPR Breaches

IT Governance

MARCH 17, 2022

The tech giant, formerly known as Facebook, violated several GDPR (General Data Protection Regulation) requirements, and more than 30 million people have been affected. The DPC began its inquiry in 2018 – shortly after the GDPR took effect – after it received a dozen breach notifications from Facebook. What rules did Facebook break?

GDPR

GDPR Personal data Encryption Compliance

The European Commission’s GDPR review in short

Privacy and Cybersecurity Law

JULY 22, 2020

Two years after the GDPR entered into force, the European Commission ( EC ) issued its first evaluation of the GDPR. Individuals are increasingly aware of the GDPR and their GDPR rights. The GDPR’s international data transfer toolbox. We have addressed the key points from the EC’s evaluation below.

GDPR

GDPR Privacy Personal data Compliance

UK ICO Approves the First UK GDPR Certification Scheme Criteria

Hunton Privacy

AUGUST 27, 2021

On August 19, 2021, the UK Information Commissioner’s Office (“ICO”) approved the criteria for three certification schemes, as required under Article 42(5) of the UK General Data Protection Regulation (“UK GDPR”). Certification schemes are one method for organizations to demonstrate compliance with the UK GDPR.

GDPR

GDPR Compliance Personal data Privacy

The Role of 'Prosilience' in IoT Security

Data Breach Today

MARCH 15, 2019

The latest edition of the ISMG Security Report features a discussion of the role of "prosilience" in IoT security, plus the problem of overnotification under GDPR and the notion of "Spartacus as a Service."

IoT

IoT Security GDPR

Is Healthcare Ready to Comply With GDPR?

Data Breach Today

JANUARY 16, 2018

This edition of the ISMG Security Report takes a look at how ready healthcare organizations are for GDPR compliance. Also featured: comments from Alberto Yepez of Trident Capital on the 2018 outlook for information security companies and a summary of the latest financial fraud trends.

GDPR

GDPR Compliance Information Security Security

The Re-Permissioning Dilemma Under GDPR

AIIM

JUNE 26, 2018

Now that the EU General Data Protection Regulation (GDPR) is in force organizations are ramping up their efforts to re-fresh data subject consent obtained prior to GDPR and under the EU Data Protection Directive 95/46/EC by virtue of which opt-out, or implied consent was permissible. Furthermore, the.

GDPR

GDPR Privacy Marketing Sales

German laptop retailer fined €10.4m under GDPR for video-monitoring employees

Security Affairs

JANUARY 18, 2021

fine under GDPR against the online laptop and electronic goods retailer NBB for video-monitoring employees. million fine under the GDPR against an online laptop and electronic goods retailer NBB’s (notebooksbilliger.de) for video-monitoring employees for at least a couple of years. .” SecurityAffairs – hacking, GDPR).

Retail

Retail GDPR Sales Privacy

IRELAND: First GDPR fine issued in Ireland

DLA Piper Privacy Matters

MAY 19, 2020

Tusla, Ireland’s child and family agency, has become the first organisation fined under the GDPR in Ireland. Organisations must ensure they have robust access controls and security measures in place to prevent against unauthorised disclosure. Eilis McDonald & John Magee.

GDPR

GDPR Personal data Government Paper

Ireland / Europe: DPC’s record GDPR fine has implications for calculation of GDPR fines and regulatory expectations around transparency rules

DLA Piper Privacy Matters

SEPTEMBER 6, 2021

This is the highest GDPR fine ever issued by the DPC, and the second highest by any EU regulator to date. The DPC issued two draft decisions in May 2020, which were subject to challenge and scrutiny by Concerned Supervisory Authorities in the months which followed, resulting in the GDPR dispute resolution procedure being initiated.

GDPR

GDPR Personal data Communications e-Delivery

The GDPR 4 years on and beyond

OpenText Information Management

MAY 31, 2022

As we mark the fourth anniversary of the GDPR, we have seen so many positive advances by businesses and other covered entities investing in privacy. Organizations have transformed their IT infrastructure and improved their security and data governance posture to mitigate data privacy and protection risk.

GDPR

GDPR Data Privacy Privacy Risk

GDPR supervisory authorities issued £2.6 million in fines in Q2 2020

IT Governance

AUGUST 17, 2020

In the second quarter of 2020, data protection bodies across Europe issued at least 46 administrative fines under the GDPR (General Data Protection Regulation) , with the penalties totalling nearly €2.9 Download GDPR Fines Quarterly Report: Q2 2020. Spain is responsible for by far the most GDPR fines. million (£2.6

GDPR

GDPR Personal data Privacy Government

GDPR puts focus on the security of your EIM solutions

OpenText Information Management

OCTOBER 29, 2018

In its report, The role of technology in your GDPR strategy, IDC identifies EIM technologies as central to achieving compliance with the EU’s General Data Protection Regulation (GDPR). The GDPR sets out to deliver new levels of data privacy and protection. This places emphasis on the security of all your enterprise applications.

GDPR

GDPR Security Data Privacy Compliance

Cyber resilience and the GDPR

IT Governance

JANUARY 8, 2019

This is essentially the combination of cyber security measures to prevent data breaches and business continuity measures to respond quickly when incidents can’t be stopped. The main benefit of cyber resilience is that it enables your organisation to address its security concerns as effectively as possible. What the GDPR says.

GDPR

GDPR Data breaches Personal data Compliance

Germany: No GDPR damages after data breach

DLA Piper Privacy Matters

OCTOBER 13, 2020

In contrast to personal injury claims where lawyers have (hundreds of) years of case law to call upon to help calculate compensation, there is comparatively little case law considering how compensation will be calculated for distress when personal data are processed in breach of GDPR. The decision. The District Court dismissed both claims.

GDPR

GDPR Data breaches Personal data Access

ITALY: First GDPR fine issued!

DLA Piper Privacy Matters

MAY 8, 2019

The first GDPR fine was issued in Italy by the Garante for the lack of implementation of privacy security measures following a data breach on the so-called Rousseau platform operating the websites of the Movimento 5 Stelle party. The lack of privacy-related security measures challenged. The first GDPR fine issued in Italy.

GDPR

GDPR Systems administration Privacy Data breaches

Belgian DPA Finds IAB Europe Transparency and Consent Framework in Violation of the GDPR

Hunton Privacy

FEBRUARY 3, 2022

The TCF is a GDPR consent solution developed by IAB Europe that has become a widely used approach to collecting and managing consent for targeted advertising cookies in the EU. Accountability, Security, and Data Protection by Design and By Default. Audit participating organizations to ensure they comply with the GDPR.

GDPR

GDPR Personal data Marketing IT

GDPR compliance checklist

Maintaining GDPR and Data Privacy Compliance in 2024

Webinars

Trending Sources

How to implement the General Data Protection Regulation (GDPR)

Webinars

British Airways GDPR Lawsuit: The Potential Impact

Analysis: The Significance of GDPR Fines

Cisco Studies Global Impact of GDPR

WhatsApp fined €225M over GDPR issues

Marriott Mega-Breach: Will GDPR Apply?

GDPR Data Security Checklist in the Age of COVID-19 and the Remote Workforce

Changing Attitudes Towards GDPR Enforcement and Compliance: 2018 – 2023

Under GDPR, UK Data Breach Reports Quadruple

The Reasons Behind Google's GDPR Fine

How to Comply with GDPR, PIPL, and CCPA

CJEU Rules That Fear May Constitute Damage Under the GDPR

Marriott Faces $125 Million GDPR Fine Over Mega-Breach

Hamburg’s data protection agency (DPA) states that using Zoom violates GDPR

The Irish DPC fined WhatsApp €5.5M for violating GDPR

Discord Fined by French CNIL for GDPR Violations

Facebook Fined $276M under GDPR

Dear BA and Marriott: Your GDPR Fines Are Important to Us

Seven Data Security Challenges You Must Meet to Comply with GDPR

Securing Containers for GDPR Compliance

IT Governance Podcast 2.6.23: Capita, NHS, Meta, GDPR, DPDI Bill and Alan Calder on cyber regtech

Security Compliance & Data Privacy Regulations

Organisations received £155 million in GDPR fines in 2020

GDPR for small business: the ultimate guide

GDPR Compliance Used as Phishing Lure

GDPR compliance and information security: reducing data breach risks

Meta Hit with £14 Million Fine for a Dozen GDPR Breaches

The European Commission’s GDPR review in short

UK ICO Approves the First UK GDPR Certification Scheme Criteria

The Role of 'Prosilience' in IoT Security

Is Healthcare Ready to Comply With GDPR?

The Re-Permissioning Dilemma Under GDPR

German laptop retailer fined €10.4m under GDPR for video-monitoring employees

IRELAND: First GDPR fine issued in Ireland

Ireland / Europe: DPC’s record GDPR fine has implications for calculation of GDPR fines and regulatory expectations around transparency rules

The GDPR 4 years on and beyond

GDPR supervisory authorities issued £2.6 million in fines in Q2 2020

GDPR puts focus on the security of your EIM solutions

Cyber resilience and the GDPR

Germany: No GDPR damages after data breach

ITALY: First GDPR fine issued!

Belgian DPA Finds IAB Europe Transparency and Consent Framework in Violation of the GDPR

Stay Connected