IBM Big Data Hub

JANUARY 22, 2024

The General Data Protection Regulation (GDPR) is a European Union (EU) law that governs how organizations collect and use personal data. Any company operating in the EU or handling EU residents’ data must adhere to GDPR requirements. However, GDPR compliance is not necessarily a straightforward matter.

GDPR 79

GDPR Compliance Personal data Privacy 79

IT Governance

FEBRUARY 16, 2024

For a start, maintaining data privacy and GDPR [General Data Protection Regulation] compliance will become increasingly complex through 2024, particularly for organisations operating across multiple jurisdictions. What are your top tips for ensuring compliance with the GDPR and similar laws?

Data Privacy 102

Data Privacy GDPR Compliance Privacy 102

DLA Piper Privacy Matters

OCTOBER 21, 2022

Indonesia’s long-awaited Personal Data Protection Law (“PDPL”) finally came into force on 17 October 2022, helpfully consolidating and clarifying the personal data protection framework in Indonesia. Data Protection Officer (DPO). Overseas Data Transfers. The law is primarily consent-based.

Personal data 98

Personal data Compliance Risk Access 98

IT Governance

SEPTEMBER 17, 2024

If you can reduce the risk of data breaches and card fraud by reducing your scope, you can reduce your compliance burden to as little as 21 sub-requirements ( SAQ P2PE ). Let’s look at eight ways you can reduce your CDE (cardholder data environment) to reduce your PCI scope. Find out more Need other PCI DSS support?

Compliance 92

Compliance Encryption e-Discovery Access 92

Hunton Privacy

NOVEMBER 8, 2022

SHIFT Counsellors at Law reports from Indonesia that The People’s Representative Council of the Republic of Indonesia has ratified Indonesia’s draft law on personal data protection. The law, which is partly modeled on the EU General Data Protection Regulation, is Indonesia’s first “umbrella regulation” on personal data protection.

Personal data 134

Personal data GDPR Compliance Information Security 134

IT Governance

JULY 4, 2024

Expert insight from a data privacy trainer and DPO “Organisations tend to overcomplicate GDPR [General Data Protection Regulation] compliance.” Specifically for GDPR compliance , records of processing activities, also known as ‘ROPAs’, are one compliance activity that tends to be overcomplicated. What is a ROPA?

GDPR 88

GDPR Compliance Data Privacy Privacy 88

Data Protection Report

APRIL 30, 2024

The claims related to the company’s sharing personal data without consumer consent and making it very difficult for consumers to cancel their subscriptions to this telehealth service. The order also, in Section IX, set forth data destruction requirements and a data retention policy.

Personal data 85

Personal data Privacy Information governance Compliance 85

Data Protection Report

FEBRUARY 25, 2020

Outbreak of the coronavirus and personal data privacy. There have been several data breach incidents which have given rise to concerns over privacy and potential discrimination against people from Wuhan and Hubei Province. Highlights of the CAC Circular.

Personal data 133

Personal data Big data Data Privacy Data breaches 133

Thales Cloud Protection & Licensing

MAY 22, 2024

The regulation didn't just introduce new rules—it upended the entire approach to data privacy. Designed to safeguard the personal data of EU citizens, it introduced a paradigm shift towards a privacy-first approach. Digital enterprises found themselves compelled to adapt and navigate a new standard of data handling.

GDPR 62

GDPR Compliance Privacy Personal data 62

eSecurity Planet

AUGUST 9, 2022

Regulatory compliance and data privacy issues have long been an IT security nightmare. And since the EU’s General Data Protection Regulation (GDPR) took effect May 25, 2018, IT compliance issues have been at the forefront of corporate concerns. GDPR-style data privacy laws came to the U.S.

Data Privacy 145

Data Privacy Compliance Privacy Security 145

Data Protection Report

FEBRUARY 28, 2020

The Personal Data Protection Act B.E. However, most of the operational provisions, including provisions relating to the rights of a data subject, the obligations of a data controller and the penalties for non-compliance, will become effective on 27 May 2020, 1 year after the PDPA is published. Background.

Personal data 93

Personal data Compliance Privacy Access 93

DLA Piper Privacy Matters

AUGUST 22, 2023

To add to the compliance burden, new mandatory, periodic and detailed data protection compliance audits have now been proposed in China, with measures beyond the usual governance/compliance audit compliance steps expected under other data protection frameworks, and a duty to report the audit results to the China data authorities.

Compliance 75

Compliance Personal data Government Access 75

DLA Piper Privacy Matters

MAY 23, 2023

Vietnam’s long-awaited, first-ever Personal Data Protection Decree (“ PDPD ”) has finally been passed and is scheduled to take effect from 1 July 2023 (save limited grace period exceptions). The most notable provisions of the PDPD relate to the compliance requirements in general processing and cross-border transfers of personal data.

Personal data 52

Personal data Compliance Data Privacy Data breaches 52

Hunton Privacy

MAY 29, 2020

The implementation of Thailand’s Personal Data Protection Act B.E. Those data controllers for whom compliance has been deferred include agencies and operators of prescribed businesses specified in the Royal Decree on Agencies and Businesses Not Subject to the PDPA B.E. 2563 (2020) (the “Royal Decree”).

Personal data 84

Personal data Compliance Insurance IT 84

DLA Piper Privacy Matters

JUNE 27, 2023

Global flows of personal data have been a source of geopolitical concern for many years now. To date, these compliance challenges were essentially limited to personal data processing, so some organisations and sectors had to do more than others.

Personal data 52

Personal data Data Privacy GDPR Compliance 52

Data Protection Report

MARCH 15, 2024

The judgment of the ECJ is unsurprising given previous case law on the definitions of “personal data” and “controller” under the GDPR and the ECJ’s emphasis that the overarching objective of the GDPR is to “[ ensure] a high level of protection of the fundamental rights and freedoms of natural persons ”.

Personal data 75

Personal data GDPR Access Compliance 75

DLA Piper Privacy Matters

APRIL 11, 2022

Given these higher financial penalties, organisations collecting, using or disclosing personal data in Singapore are recommended to carefully review their existing data protection programmes and processes to ensure compliance with the PDPA. of personal data); and. of personal data); and.

Personal data 97

Personal data Compliance Cybersecurity Government 97

IT Governance

NOVEMBER 17, 2020

Under the GDPR (General Data Protection Regulation) , all personal data breaches must be recorded by the organisation and there should be a clear and defined process for doing so. In this blog, we take a look at the scenarios in which data protection breaches in schools must be reported. When must breaches be reported?

Personal data 103

Personal data Data breaches Data collection GDPR 103

DLA Piper Privacy Matters

AUGUST 22, 2023

The Draft Measures propose to introduce or flesh out other compliance requirements contained in the PIPL. This will, therefore, require more in-depth privacy notices than businesses may be used to providing in China. All these indicate that DPO should be a relatively senior position within an organization.

Compliance 98

Compliance Personal data Privacy Government 98

Thales Cloud Protection & Licensing

FEBRUARY 1, 2023

How to Address the Requirements of Personal Data Protection (PDP) Law of Indonesia divya Thu, 02/02/2023 - 06:35 In response to the increased number of attacks targeting the personal data of millions of Indonesian citizens, the government passed the first Personal Data Protection (PDP) Law in 2022.

Personal data 71

Personal data Encryption Data breaches Authentication 71

Thales Cloud Protection & Licensing

AUGUST 29, 2023

The UK and the US Build a ‘Data Bridge’ to Facilitate Personal Data Movements andrew.gertz@t… Tue, 08/29/2023 - 13:41 Modern-day business transactions heavily rely on international data transfers. The new “data bridge” would extend the EU-US Data Privacy Framework.

Personal data 62

Personal data Data Privacy Privacy GDPR 62

Data Matters

SEPTEMBER 23, 2021

If a company has already been GDPR compliant, its data privacy compliance system can basically work in China, while certain localizations are necessary in response to unique requirements under PIPL. In particular, a company should pay attention to the following differences between PIPL and GDPR: Data localization.

Data Privacy 94

Data Privacy Compliance Privacy Personal data 94

IT Governance

MAY 25, 2023

Given the scale and nature of its operations, Meta is obviously something of a special case, but the wider implications for personal data transfers from the EU to the US are clear: this case is surely going to be another nail in the coffin of the new EU-US DPF (Data Privacy Framework).

GDPR 84

GDPR Compliance Personal data Data Privacy 84

Data Protection Report

OCTOBER 12, 2020

Following the Singapore Ministry of Communications and Information (MCI) and the Personal Data Protection Commission of Singapore (PDPC) public consultation in May this year (Public Consultation), the Personal Data Protection (Amendment) Bill (Bill) was introduced and had its first reading in Parliament on 5 October 2020.

Personal data 97

Personal data Data breaches Compliance Communications 97

Hunton Privacy

APRIL 12, 2021

On April 8, 2021, the Centre for Information Policy Leadership (“CIPL”) at Hunton Andrews Kurth submitted comments in response to the Ministry of Public Security (“MPS”) of Vietnam’s Draft Decree on Personal Data Protection (“Draft Decree”). Read CIPL’s full comments in English and in Vietnamese.

Personal data 87

Personal data Privacy Data breaches Compliance 87

Data Breach Today

JUNE 22, 2023

French Regulator Fines Criteo for Website Cookie Tracking Tools The top French privacy regulator has imposed a fine of 40 million euros against a Parisian advertising technology company for its use of website tracking cookies and failure to process users' personal data in compliance with privacy laws under the General Data Protection Regulation.

GDPR 246

GDPR Personal data Privacy Compliance 246

Thales Cloud Protection & Licensing

FEBRUARY 18, 2021

Key steps on the road to LGPD compliance. Brazil, the largest country in both South America and Latin America, released a data privacy law bringing new business opportunities, especially in the international domain. Reporting: demonstrates compliance and facilitates the administrative procedures required by LGPD (Article 50).

Compliance 98

Compliance Unstructured data Personal data Big data 98

DLA Piper Privacy Matters

FEBRUARY 3, 2021

Organisations must now notify the Personal Data Protection Commission (PDPC) and affected individuals if a data breach results in, or is likely to result in, significant harm to affected individuals, or affects 500 or more individuals. The Personal Data Protection (Amendment) Act 2020 is available here: [link].

Personal data 98

Personal data Data breaches Compliance Privacy 98

DLA Piper Privacy Matters

JULY 21, 2020

The Irish Court of Appeal has clarified the scope of the definition of personal data – noting that, while the definition is deliberately very broad, it does not facilitate access by an individual to reports stemming from a complaint for the sole reason that the complaint was made by that individual. Submissions.

Personal data 99

Personal data Access Compliance Privacy 99

Hunton Privacy

JANUARY 31, 2022

Generally, these AI-driven solutions require the processing of significant amounts of personal data for the AI model’s own training, which often is not the purpose for which the personal data originally was collected. Read the full article published by Infosecurity Magazine.

Artificial Intelligence 98

Artificial Intelligence Compliance GDPR Personal data 98

Data Protection Report

JUNE 1, 2020

For example, in February of this year, the FCA and ICO issued a joint statement warning regulated firms and insolvency practitioners of their responsibilities when dealing with personal data. What are the legal mechanisms to sell or utilise personal data in an insolvency situation? Asset sales.

Personal data 100

Personal data Sales Marketing GDPR 100

Hunton Privacy

AUGUST 10, 2023

On August 9, 2023, India’s upper house ( i.e. , Rajya Sabha) passed the Digital Personal Data Protection Bill (“DPDPB”), two days after India’s lower house ( i.e. , Lok Sabha) passed the legislation. The DPDPB now heads to India President Droupadi Murmu for signature.

Personal data 52

Personal data Data breaches Government Access 52

DLA Piper Privacy Matters

FEBRUARY 17, 2021

Securities and Exchange Commission (“ SEC ”) confirming that SEC-regulated UK domiciled firms (“ UK Regulated Firms ”) can share personal data with the SEC when seeking to comply with regulatory obligations, in compliance with the UK GDPR. As the GDPR places restrictions on the transfer of personal data to the U.S.,

Personal data 98

Personal data GDPR Security Compliance 98

Data Protection Report

JUNE 4, 2021

The Hong Kong Government is proposing amendments to the Personal Data (Privacy) Ordinance (the “ PDPO ”) to combat doxxing acts. public display) personal data of a data subject. Also, the new provisions not only protect the data subject, but also offer protection to his/her immediate family members.

Personal data 98

Personal data Data Privacy Privacy Paper 98

Data Protection Report

JUNE 26, 2023

The Guidance sits alongside the ICO’s recommendation that organisations should, if they haven’t already, start using PETs to share personal data safely, securely and anonymously. It focuses on how PETs can help achieve data protection compliance but keeps the description of the PETs themselves quite high level.

Personal data 52

Personal data Privacy Security Compliance 52

DLA Piper Privacy Matters

NOVEMBER 16, 2021

The draft Network Data Security Management Regulation (“ Draft Regulation ”) was published for consultation on 14 November 2021, and is very wide-ranging in the compliance areas covered. This is a significant reminder to organisations to start data mapping and assessment of all China data sooner rather than later.

Compliance 118

Compliance Personal data Security Risk 118

Collibra

JULY 23, 2020

Privacy Shield as an adequate framework for regulating exchanges of personal data between the European Union and United States. This decision introduces greater complexities to those managing data privacy because many multinational organizations relied on the Privacy Shield for cross-border data transfers.

Personal data 59

Personal data Data Privacy Privacy Compliance 59