Hunton Privacy

AUGUST 22, 2023

reports that in early August 2023, the Indian Parliament passed the Digital Personal Data Protection Act (the “Act”), bringing to a close a 5-year process to enact an omnibus data privacy law in India. Grounds for Collection and Processing Consent continues to be the primary legal ground for the processing of personal data.

Personal data 90

Personal data Data breaches GDPR Government 90

The Last Watchdog

JANUARY 9, 2023

As the world becomes more digital and connected, it is no surprise that data privacy and security is a growing concern for small to medium sized businesses — SMBs. Related: GDPR sets new course for data privacy. Large corporations tend to have the resources to deal with compliance issues. Paths to compliance.

Data Privacy 210

Data Privacy Compliance Privacy GDPR 210

Data Protection Report

SEPTEMBER 23, 2021

The declining cost of electronic data storage may have caused some company executives to conclude that retaining personal data forever is “cheap.” The matter involved one of France’s largest insurers, SGAM AG2R LA MONDIALE, which was subject to an inspection by the French data protection authority (the CNIL), in 2019.

Personal data 111

Personal data Insurance GDPR Record destruction 111

IBM Big Data Hub

JANUARY 22, 2024

The General Data Protection Regulation (GDPR) is a European Union (EU) law that governs how organizations collect and use personal data. Any company operating in the EU or handling EU residents’ data must adhere to GDPR requirements. However, GDPR compliance is not necessarily a straightforward matter.

GDPR 79

GDPR Compliance Personal data Privacy 79

IT Governance

FEBRUARY 16, 2024

For a start, maintaining data privacy and GDPR [General Data Protection Regulation] compliance will become increasingly complex through 2024, particularly for organisations operating across multiple jurisdictions. What are your top tips for ensuring compliance with the GDPR and similar laws?

Data Privacy 108

Data Privacy GDPR Compliance Privacy 108

DLA Piper Privacy Matters

OCTOBER 21, 2022

Indonesia’s long-awaited Personal Data Protection Law (“PDPL”) finally came into force on 17 October 2022, helpfully consolidating and clarifying the personal data protection framework in Indonesia. Data Protection Officer (DPO). Overseas Data Transfers. The law is primarily consent-based.

Personal data 98

Personal data Compliance Risk Access 98

Hunton Privacy

NOVEMBER 8, 2022

SHIFT Counsellors at Law reports from Indonesia that The People’s Representative Council of the Republic of Indonesia has ratified Indonesia’s draft law on personal data protection. The law, which is partly modeled on the EU General Data Protection Regulation, is Indonesia’s first “umbrella regulation” on personal data protection.

Personal data 134

Personal data GDPR Compliance Information Security 134

Data Protection Report

FEBRUARY 25, 2020

Outbreak of the coronavirus and personal data privacy. There have been several data breach incidents which have given rise to concerns over privacy and potential discrimination against people from Wuhan and Hubei Province. Highlights of the CAC Circular.

Personal data 133

Personal data Big data Data Privacy Data breaches 133

Data Protection Report

APRIL 30, 2024

The claims related to the company’s sharing personal data without consumer consent and making it very difficult for consumers to cancel their subscriptions to this telehealth service. The order also, in Section IX, set forth data destruction requirements and a data retention policy.

Personal data 85

Personal data Privacy Information governance Compliance 85

IT Governance

JULY 4, 2024

Expert insight from a data privacy trainer and DPO “Organisations tend to overcomplicate GDPR [General Data Protection Regulation] compliance.” Specifically for GDPR compliance , records of processing activities, also known as ‘ROPAs’, are one compliance activity that tends to be overcomplicated. What is a ROPA?

GDPR 93

GDPR Compliance Data Privacy Privacy 93

Data Protection Report

FEBRUARY 28, 2020

The Personal Data Protection Act B.E. However, most of the operational provisions, including provisions relating to the rights of a data subject, the obligations of a data controller and the penalties for non-compliance, will become effective on 27 May 2020, 1 year after the PDPA is published. Background.

Personal data 93

Personal data Compliance Privacy Access 93

eSecurity Planet

AUGUST 9, 2022

Regulatory compliance and data privacy issues have long been an IT security nightmare. And since the EU’s General Data Protection Regulation (GDPR) took effect May 25, 2018, IT compliance issues have been at the forefront of corporate concerns. GDPR-style data privacy laws came to the U.S.

Data Privacy 145

Data Privacy Compliance Privacy Security 145

DLA Piper Privacy Matters

AUGUST 22, 2023

To add to the compliance burden, new mandatory, periodic and detailed data protection compliance audits have now been proposed in China, with measures beyond the usual governance/compliance audit compliance steps expected under other data protection frameworks, and a duty to report the audit results to the China data authorities.

Compliance 75

Compliance Personal data Government Access 75

DLA Piper Privacy Matters

MAY 23, 2023

Vietnam’s long-awaited, first-ever Personal Data Protection Decree (“ PDPD ”) has finally been passed and is scheduled to take effect from 1 July 2023 (save limited grace period exceptions). The most notable provisions of the PDPD relate to the compliance requirements in general processing and cross-border transfers of personal data.

Personal data 52

Personal data Compliance Data Privacy Data breaches 52

Thales Cloud Protection & Licensing

MAY 22, 2024

The regulation didn't just introduce new rules—it upended the entire approach to data privacy. Designed to safeguard the personal data of EU citizens, it introduced a paradigm shift towards a privacy-first approach. Digital enterprises found themselves compelled to adapt and navigate a new standard of data handling.

GDPR 62

GDPR Compliance Privacy Personal data 62

IT Governance

SEPTEMBER 17, 2024

If you can reduce the risk of data breaches and card fraud by reducing your scope, you can reduce your compliance burden to as little as 21 sub-requirements ( SAQ P2PE ). Let’s look at eight ways you can reduce your CDE (cardholder data environment) to reduce your PCI scope. Find out more Need other PCI DSS support?

Compliance 95

Compliance Encryption e-Discovery Access 95

Hunton Privacy

MAY 29, 2020

The implementation of Thailand’s Personal Data Protection Act B.E. Those data controllers for whom compliance has been deferred include agencies and operators of prescribed businesses specified in the Royal Decree on Agencies and Businesses Not Subject to the PDPA B.E. 2563 (2020) (the “Royal Decree”).

Personal data 84

Personal data Compliance Insurance IT 84

DLA Piper Privacy Matters

JUNE 27, 2023

Global flows of personal data have been a source of geopolitical concern for many years now. To date, these compliance challenges were essentially limited to personal data processing, so some organisations and sectors had to do more than others.

Personal data 52

Personal data Data Privacy GDPR Compliance 52

DLA Piper Privacy Matters

APRIL 11, 2022

Given these higher financial penalties, organisations collecting, using or disclosing personal data in Singapore are recommended to carefully review their existing data protection programmes and processes to ensure compliance with the PDPA. of personal data); and. of personal data); and.

Personal data 97

Personal data Compliance Cybersecurity Government 97

IT Governance

AUGUST 8, 2024

Similarly, few people enjoy complex compliance, with documentation scattered in many places, giving you a headache when anything GDPR (General Data Protection Regulation) crops up. That needn’t even be an investigation or audit – a data subject simply exercising their rights might already cause problems.

GDPR 52

GDPR Compliance Personal data Risk 52

Data Protection Report

MARCH 15, 2024

The judgment of the ECJ is unsurprising given previous case law on the definitions of “personal data” and “controller” under the GDPR and the ECJ’s emphasis that the overarching objective of the GDPR is to “[ ensure] a high level of protection of the fundamental rights and freedoms of natural persons ”.

Personal data 75

Personal data GDPR Access Compliance 75

IT Governance

NOVEMBER 17, 2020

Under the GDPR (General Data Protection Regulation) , all personal data breaches must be recorded by the organisation and there should be a clear and defined process for doing so. In this blog, we take a look at the scenarios in which data protection breaches in schools must be reported. When must breaches be reported?

Personal data 105

Personal data Data breaches Data collection GDPR 105

Thales Cloud Protection & Licensing

FEBRUARY 1, 2023

How to Address the Requirements of Personal Data Protection (PDP) Law of Indonesia divya Thu, 02/02/2023 - 06:35 In response to the increased number of attacks targeting the personal data of millions of Indonesian citizens, the government passed the first Personal Data Protection (PDP) Law in 2022.

Personal data 71

Personal data Encryption Data breaches Authentication 71

DLA Piper Privacy Matters

AUGUST 22, 2023

The Draft Measures propose to introduce or flesh out other compliance requirements contained in the PIPL. This will, therefore, require more in-depth privacy notices than businesses may be used to providing in China. All these indicate that DPO should be a relatively senior position within an organization.

Compliance 98

Compliance Personal data Privacy Government 98

Data Matters

SEPTEMBER 23, 2021

If a company has already been GDPR compliant, its data privacy compliance system can basically work in China, while certain localizations are necessary in response to unique requirements under PIPL. In particular, a company should pay attention to the following differences between PIPL and GDPR: Data localization.

Data Privacy 94

Data Privacy Compliance Privacy Personal data 94

Thales Cloud Protection & Licensing

AUGUST 29, 2023

The UK and the US Build a ‘Data Bridge’ to Facilitate Personal Data Movements andrew.gertz@t… Tue, 08/29/2023 - 13:41 Modern-day business transactions heavily rely on international data transfers. The new “data bridge” would extend the EU-US Data Privacy Framework.

Personal data 62

Personal data Data Privacy Privacy GDPR 62

IT Governance

MAY 25, 2023

Given the scale and nature of its operations, Meta is obviously something of a special case, but the wider implications for personal data transfers from the EU to the US are clear: this case is surely going to be another nail in the coffin of the new EU-US DPF (Data Privacy Framework).

GDPR 89

GDPR Compliance Personal data Data Privacy 89

Data Protection Report

OCTOBER 12, 2020

Following the Singapore Ministry of Communications and Information (MCI) and the Personal Data Protection Commission of Singapore (PDPC) public consultation in May this year (Public Consultation), the Personal Data Protection (Amendment) Bill (Bill) was introduced and had its first reading in Parliament on 5 October 2020.

Personal data 97

Personal data Data breaches Compliance Communications 97

Hunton Privacy

APRIL 12, 2021

On April 8, 2021, the Centre for Information Policy Leadership (“CIPL”) at Hunton Andrews Kurth submitted comments in response to the Ministry of Public Security (“MPS”) of Vietnam’s Draft Decree on Personal Data Protection (“Draft Decree”). Read CIPL’s full comments in English and in Vietnamese.

Personal data 87

Personal data Privacy Data breaches Compliance 87

Collibra

NOVEMBER 5, 2024

Our exclusive webinar with Atrak Yadegari from Deloitte and Guido Bilstein from Collibra explored the key requirements of the EU AI Act and fast-track strategies to accelerate your compliance readiness. Organizations must quickly assess their AI systems, understand the risks involved, and prepare for compliance.

Compliance 40

Compliance Risk Government Privacy 40

Collibra

JANUARY 28, 2019

For companies, getting data privacy right is no longer just a compliance exercise – a box to be ticked. Instead, having a robust approach to managing personal data well is beginning to be seen as an important competitive advantage for organizations. Today – January 28 – is Data Privacy Day around the globe.

Personal data 40

Personal data Compliance Data Privacy Data breaches 40

DLA Piper Privacy Matters

FEBRUARY 3, 2021

Organisations must now notify the Personal Data Protection Commission (PDPC) and affected individuals if a data breach results in, or is likely to result in, significant harm to affected individuals, or affects 500 or more individuals. The Personal Data Protection (Amendment) Act 2020 is available here: [link].

Personal data 98

Personal data Data breaches Compliance Privacy 98

Thales Cloud Protection & Licensing

FEBRUARY 18, 2021

Key steps on the road to LGPD compliance. Brazil, the largest country in both South America and Latin America, released a data privacy law bringing new business opportunities, especially in the international domain. Reporting: demonstrates compliance and facilitates the administrative procedures required by LGPD (Article 50).

Compliance 98

Compliance Unstructured data Personal data Big data 98

DLA Piper Privacy Matters

JULY 21, 2020

The Irish Court of Appeal has clarified the scope of the definition of personal data – noting that, while the definition is deliberately very broad, it does not facilitate access by an individual to reports stemming from a complaint for the sole reason that the complaint was made by that individual. Submissions.

Personal data 99

Personal data Access Compliance Privacy 99

Data Breach Today

JUNE 22, 2023

French Regulator Fines Criteo for Website Cookie Tracking Tools The top French privacy regulator has imposed a fine of 40 million euros against a Parisian advertising technology company for its use of website tracking cookies and failure to process users' personal data in compliance with privacy laws under the General Data Protection Regulation.

GDPR 246

GDPR Personal data Privacy Compliance 246

Hunton Privacy

JANUARY 31, 2022

Generally, these AI-driven solutions require the processing of significant amounts of personal data for the AI model’s own training, which often is not the purpose for which the personal data originally was collected. Read the full article published by Infosecurity Magazine.

Artificial Intelligence 98

Artificial Intelligence Compliance GDPR Personal data 98

Data Protection Report

JUNE 1, 2020

For example, in February of this year, the FCA and ICO issued a joint statement warning regulated firms and insolvency practitioners of their responsibilities when dealing with personal data. What are the legal mechanisms to sell or utilise personal data in an insolvency situation? Asset sales.

Personal data 100

Personal data Sales Marketing GDPR 100