Data Protection Report

JUNE 17, 2020

This judgement concerns the legality of the European Commission approved Standard Contractual Clauses ( SCCs ) which many organisations rely on to transfer personal data outside of the UK and the European Economic Area ( EEA ), particularly in relation to outsourcing services.

Personal data 119

Personal data Communications Access GDPR 119

HL Chronicle of Data Protection

APRIL 21, 2020

The new guidelines are applicable to public and private companies for the processing of their employees’ personal data. For example, for recruitment purposes, pre-contractual measures or legitimate interests are acceptable legal bases for the CNIL. Categories of personal data. Retention periods.

Personal data 133

Personal data GDPR Big data Compliance 133

Security Affairs

MARCH 12, 2023

This percentage could rapidly increase in the next months with the integration of the technology in multiple services, for example through the use of ChatGPT API. The experts also warn that enterprise security software cannot monitor the use of ChatGPT by employees and prevent the leak of sensitive/confidential company data.

Risk 98

Risk Artificial Intelligence Privacy Personal data 98

IBM Big Data Hub

JANUARY 22, 2024

The General Data Protection Regulation (GDPR) is a European Union (EU) law that governs how organizations collect and use personal data. Any company operating in the EU or handling EU residents’ data must adhere to GDPR requirements. Everything from email addresses to political opinions counts as personal data.

GDPR 79

GDPR Compliance Personal data Privacy 79

Data Matters

SEPTEMBER 30, 2020

of personal data of EU residents, following the decision of the Court of Justice of the European Union (“CJEU,” or “ECJ”) in Schrems II – more formally known as Data Protection Commissioner v. Privacy Shield as a basis for transferring EU personal data to the United States because of the Court’s view that U.S.

Paper 127

Paper Government Security Privacy 127

Data Matters

JANUARY 28, 2022

The advisory was promptly endorsed by the National Cyber Security Centre, a division of Government Communications Headquarters (“GCHQ”), a UK intelligence agency. Create, Maintain, and Exercise a Cyber Incident Response, Resilience, and Continuity of Operations Plan.

Cybersecurity 156

Cybersecurity Financial Services Authentication Government 156

DLA Piper Privacy Matters

AUGUST 3, 2020

The amended APPI could have a significant impact on companies that handle personal information. Under the current APPI, data subjects have the right to request access, correction, deletion and cessation of the use of their personal data that is or is intended to be retained for six months or more (the “ Rights of Data Subjects “).

Personal data 122

Personal data Data breaches Compliance Risk 122

IT Governance

DECEMBER 20, 2022

Although there have still been a few surprises, with the death of Queen Elizabeth II and blazing heatwaves across the UK to name but two, it was a familiar year in the cyber security landscape. Cyber criminals continued to wreak havoc, with the likes of Twitter , Uber and Neopets all reporting mammoth data breaches.

Security 128

Security Data breaches Ransomware Military 128

Data Protection Report

JUNE 7, 2021

On Friday 4 June, the European Commission published the finalised version of the new Standard Contractual Clauses for transferring personal data from the EU to third countries (the New SCCs). Companies now have 18 months to update their supplier contracts and other data export arrangements. Article 4 of Implementing Decision ).

Personal data 119

Personal data GDPR Data breaches Access 119

IBM Big Data Hub

FEBRUARY 23, 2024

The GDPR puts forth a litany of rules for how organizations in and outside of Europe handle the personal data of EU residents. The details of any organization’s plan to become fully GDPR compliant will vary based on the data the organization collects and what it does with that data.

GDPR 74

GDPR Compliance Personal data Privacy 74

Hunton Privacy

MAY 4, 2021

Decedent’s Personal Information. Article 49 adds provisions regarding the protection of personal information of decedents, whose rights provided under the Draft PIPL may be exercised by near relatives on the decedent’s behalf. Specific Data Processor. Inversion of Burden of Proof.

Personal data 94

Personal data IT Information Security Privacy 94

Data Matters

NOVEMBER 16, 2020

On November 2, 2020, Singapore’s legislature finally approved amendments to the Personal Data Protection Act (PDPA). NEW mandatory data breach notification requirement. Consent to the processing of personal data will now be deemed to have been obtained based on. Expanded scope of “deemed consent”.

Data Privacy 67

Data Privacy Privacy Data breaches Personal data 67

DLA Piper Privacy Matters

OCTOBER 7, 2021

The Middle East’s data protection regulatory landscape is complex, and continues to develop with Saudi Arabia’s ( KSA ) newly published Personal Data Protection Law ( PDPL ). While the PDPL contains the main features of a modern data protection law, it cannot be considered a direct analogue of the GDPR.

Personal data 96

Personal data Compliance Computer and Electronics IoT 96

Security Affairs

SEPTEMBER 15, 2023

Behind the sleek interfaces and promising functionalities lurks a hidden concern that has captured the attention of security researchers and users alike – dangerous Android app permissions. Android permissions The Android operating system has a comprehensive permission system designed to protect a user’s privacy and security.

Privacy 118

Privacy Access IT Security 118

Hunton Privacy

FEBRUARY 24, 2020

The Guidance contains advice on how to understand data protection law in relation to artificial intelligence (“AI”) and recommendations for organizational and technical measures to mitigate the risks AI poses to individuals. It also provides a methodology to audit AI applications and ensure they process personal data fairly.

Personal data 57

Personal data Risk Artificial Intelligence Privacy 57

IT Governance

JUNE 13, 2019

If your organisation is subject to the GDPR (General Data Protection Regulation) , you’re probably aware of your requirement to “implement appropriate technical and organisational measures” to protect the personal data you hold. An essential principle of this is data protection by design and by default.

GDPR 80

GDPR Personal data Compliance Privacy 80

Data Protection Report

NOVEMBER 2, 2023

In 2017, Equifax Inc, suffered a cybersecurity breach, with hackers able to access the personal data of around 13.8 Firms should seek to avoid barriers for customers hindering access to any incident pages set up – for example, cookies should not obscure key links or information.

GDPR 78

GDPR Risk Cybersecurity Compliance 78

DLA Piper Privacy Matters

NOVEMBER 29, 2021

The CNIL provides practical advice to the management and the operational staff who process personal data, in order to ensure that such processing is carried out in compliance with the applicable data protections laws. The DPO is the key contact for the CNIL and data subjects. Provide information and advice.

GDPR 116

GDPR Compliance Personal data Communications 116

IT Governance

FEBRUARY 28, 2018

This method also enables you to assess the risks in your data processing activities and identify where controls are required, for example, assessing privacy and data security risks. Data flow mapping may seem daunting, but you can simplify the process with the Data Flow Mapping Tool.

Privacy 53

Privacy GDPR Personal data Compliance 53

IT Governance

APRIL 20, 2020

With the coronavirus pandemic keeping us stuck inside and struggling to find ways to remain productive, now might be the perfect time to take an online cyber security training course. Let’s take a look at five of the best online courses for cyber security. Certified Cyber Security Foundation Training Course.

Security 59

Security GDPR Phishing Data breaches 59

DLA Piper Privacy Matters

FEBRUARY 23, 2022

In the proposal, “data” is broadly defined and contains both personal and non-personal data. This means that the Data Act would further regulate personal data in addition to the GDPR. The Data Act would apply to all types of enterprises, in principle, including small and micro businesses.

GDPR 97

GDPR Personal data IoT Access 97

IT Governance

OCTOBER 3, 2019

You must tell people when you’re collecting their personal information to give them the opportunity to exercise their data subject rights. These rights enable individuals to access the personal data organisations store on them and to challenge the way their information is used.

GDPR 101

GDPR Privacy Retail Personal data 101

IT Governance

NOVEMBER 8, 2018

The EU’s GDPR (General Data Protection Regulation) gives data subjects the right to access their personal data from data controllers that are processing it and “to exercise that right easily and at reasonable intervals, in order to be aware of, and verify, the lawfulness of the processing”.

GDPR 58

GDPR Access Personal data Compliance 58

Hunton Privacy

APRIL 1, 2020

The Conference of German Data Protection Authorities (“DSK”), the body of the federal and state Data Protection Authorities (“DPAs”) in Germany, recently issued joint recommendations regarding employers’ processing of employee personal data in the context of the coronavirus (“COVID-19”) pandemic.

Personal data 82

Personal data Authentication Communications Risk 82

Data Matters

JULY 8, 2019

The proposed fine relates to a cyber incident which BA notified to the ICO (as BA’s lead data protection authority, DPA) in September 2018. The incident involved the theft from the BA website and mobile app of personal data relating to customers over a two-week period.

GDPR 73

GDPR Privacy Data breaches Risk 73

Data Matters

JUNE 25, 2021

The European Data Protection Board (“ EDPB ”), adopted on 18 June 2021 its final recommendations describing how controllers and processors transferring personal data outside the European Economic Area (“ EEA ”) may comply with the Schrems II ruling (“ Final Schrems II Recommendations ”). STEP 1 – Mapping Exercise.

Personal data 78

Personal data Access Communications Cloud 78

Data Matters

SEPTEMBER 24, 2019

The GDPR was designed to harmonize data protection laws across Europe and to protect EU residents’ data privacy rights; and, its coming triggered significant privacy and data protection compliance activities amongst organizations doing business in the EU and working with the personal data of EU residents.

Personal data 67

Personal data GDPR Data Privacy Privacy 67

Hunton Privacy

JUNE 9, 2020

However, the simple reading of individuals’ temperatures without recording any data does not constitute a processing activity under the EU General Data Protection Regulation (“GDPR”) and is therefore allowed from a data protection standpoint.

GDPR 87

GDPR Personal data Access IT 87

IT Governance

OCTOBER 7, 2019

HR plays a crucial role in an organisation’s GDPR (General Data Protection Regulation) compliance. The department is full of personal data, whether it’s of employees, their next of kin or candidates responding to job adverts. Let’s take a look at five issues that HR must address when handling personal data.

GDPR 52

GDPR Personal data Compliance Communications 52

Hunton Privacy

SEPTEMBER 10, 2020

On September 7, 2020, the European Data Protection Board (“EDPB”) released draft Guidelines 07/2020 on the concepts of controller and processor in the EU General Data Protection Regulation (“GDPR”) (the “Guidelines”). It is not necessary that controllers have access to the personal data.

GDPR 95

GDPR Personal data Data breaches Compliance 95

Data Protection Report

SEPTEMBER 16, 2021

We will discuss the guidance issued by (i) the Ministry of Manpower (“ MOM ”) on the updated safe management measures at the workplace; (ii) the MOM on COVID-19 vaccination in relation to the workplace; and (iii) the Personal Data Protection Commission (“ PDPC ”) on the collection of personal data at the workplace for COVID-19 contact tracing.

Personal data 52

Personal data Data collection Risk Access 52

Collibra

FEBRUARY 25, 2021

The General Data Protection Regulation (GDPR) mandates businesses to make provisions for EU citizens to exercise their right to access and control their personal data, including the export of personal data outside the EU. People and processes to manage the security and privacy of customer data.

GDPR 40

GDPR Compliance Personal data Data Privacy 40

Hunton Privacy

MARCH 19, 2019

The Belgian Data Protection Authority (“DPA”) requested the Opinion, highlighting questions on the competence, tasks and powers of EU DPAs and the applicability of the GDPR’s cooperation and consistency mechanisms in those situations where both the GDPR and the ePrivacy Directive apply to the processing of personal data.

GDPR 45

GDPR Personal data Communications Government 45

Hunton Privacy

MARCH 17, 2017

know where the data is being transferred and to whom, where it is hosted and for how long it’s retained. This prioritization must be carried out, taking into consideration the risks to the rights and freedoms of the data subjects. verifying the data security measures implemented.

GDPR 75

GDPR Personal data Compliance Privacy 75

Hunton Privacy

JANUARY 23, 2019

A complaint-handling mechanism, administered and supervised by the Japanese Personal Information Protection Commission, to investigate and resolve complaints from Europeans regarding access to their data by Japanese public authorities. Commenting on the Adequacy Decision, V?ra

Personal data 54

Personal data Access Privacy Security 54

Collibra

JANUARY 14, 2020

Although much of the ink spilled around data privacy focuses on obeying regulations such as the EU’s General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA), it’s a mistake to think about data privacy as a compliance exercise. To take this approach is to miss an opportunity.

Digital transformation 52

Digital transformation Data Privacy Privacy IoT 52

IT Governance

MARCH 20, 2018

The GDPR introduces the ‘right of access’ for individuals and from 25 May, the compliance deadline, data subjects will have the right to request: Confirmation that their data is being processed; Access to their personal data; and. Help creating a data subject access request procedure.

GDPR 63

GDPR Access Personal data Compliance 63