Exercises, GDPR and Government - Information Management Today

EU privacy non-profit group filed complaints against TikTok, SHEIN, AliExpress, and other Chinese companies

Security Affairs

JANUARY 17, 2025

noyb filed GDPR complaints against the above companies for unlawfully transferring EU users’ data to China. The privacy non-profit organization requested the immediate suspension of data transfers to China due to the risk that the government of Beijing could access data of EU citizens.

Privacy

Privacy GDPR Compliance Personal data

UK GDPR Reform: government publishes response to consultation – likely to form basis of forthcoming UK Data Reform Bill

Data Protection Report

JUNE 22, 2022

UK GDPR Reform: government publishes response to consultation – likely to form basis of forthcoming UK Data Reform Bill. The Department for Culture, Media and Sport (DCMS) has finally published the UK government’s long-awaited response to the consultation on the future of the UK data protection regime. Reform of Article 22.

GDPR

GDPR Government Personal data Risk

The Tension between GDPR and Blockchain: Are they Polar Opposites or Can they Co-exist

AIIM

JANUARY 10, 2019

While a blockchain provides a trusted framework for the integrity and auditability of transactions it stands in stark contrast to the ambition of the GDPR Regulation, the foundation of which is to enable data subjects to exercise greater degree of control over the processing of personally identifiable information.

Blockchain

Blockchain GDPR Privacy Personal data

Webinars

Automation, Evolved: Your New Playbook For Smarter Knowledge Work

MORE WEBINARS

IRELAND: First GDPR fine issued in Ireland

DLA Piper Privacy Matters

MAY 19, 2020

Tusla, Ireland’s child and family agency, has become the first organisation fined under the GDPR in Ireland. In 2017, the DPC’s Special Investigation Unit (SIU) investigated the governance of Tusla, examining the processing of personal data in child protection cases. Eilis McDonald & John Magee.

GDPR

GDPR Personal data Government Paper

Guest Post - Three Critical Steps for GDPR Compliance

AIIM

JANUARY 17, 2018

GDPR and Cross Border Data Flows between the EU and the US: Current State of the Law. What Do the GDPR and new Privacy Laws Mean for U.S. GDPR Compliance Starts with Data Discovery. GDPR Compliance Starts with Data Discovery. Compliance with GDPR is just a short five months away. The Privacy and Security Dichotomy.

GDPR

GDPR Compliance Data collection Privacy

GDPR Article 17: What Is the Right to Erasure?

IT Governance

MARCH 30, 2023

Article 17 of the GDPR (General Data Protection Regulation) plays a distinctive yet essential role in data protection law. Failure to fulfil this requirement is considered a serious breach and could be penalised under the GDPR’s upper tier of fines of €20 million (£17.5 What is the right to erasure? Can you charge a fee?

GDPR

GDPR Personal data Compliance Government

GDPR Compliance Obligations: The relationship between Data Controllers and Third-Party Processors

AIIM

JULY 24, 2018

You might also be interested in: The Re-Permissioning Dilemma Under GDPR. Data Privacy and Open Data: Secondary Uses under GDPR. Three Critical Steps for GDPR Compliance. GDPR and Cross Border Data Flows between the EU and the US: Current State of the Law. What Do the GDPR and new Privacy Laws Mean for U.S.

GDPR

GDPR Compliance Privacy Data Privacy

GUEST ESSAY: Top 5 cyber exposures tied to the rising use of international remote workforces

The Last Watchdog

AUGUST 23, 2021

In that case, you must abide by the General Data Protection Regulation (GDPR), which imposes fines on some activities that are perfectly legal in the U.S. For instance, if you have employees in China and the EU, you’ll have to obtain Chinese government approval to provide data from China to EU authorities enforcing the GDPR.

Communications

Communications Cybersecurity GDPR Risk

GDPR Data Subject Access Requests: How to Respond

IT Governance

AUGUST 14, 2019

The EU GDPR (General Data Protection Regulation) grants data subjects the right to access their personal data. Subject access requests are not new, but the GDPR introduced several changes that make responding to them more challenging. what a DSAR is, and how to manage them in line with the GDPR’s requirements.

GDPR

GDPR Access Personal data Privacy

List of free GDPR resources and templates

IT Governance

NOVEMBER 14, 2018

This blog was originally published before the GDPR took effect in May 2018. The EU’s GDPR (General Data Protection Regulation) requires all organisations that process EU residents’ personal data to abide by its strict terms. Webinar titles include: Risk assessments and applying organisational controls for GDPR compliance.

GDPR

GDPR Data breaches Compliance Paper

The European Commission’s GDPR review in short

Privacy and Cybersecurity Law

JULY 22, 2020

Two years after the GDPR entered into force, the European Commission ( EC ) issued its first evaluation of the GDPR. Individuals are increasingly aware of the GDPR and their GDPR rights. The GDPR’s international data transfer toolbox. We have addressed the key points from the EC’s evaluation below.

GDPR

GDPR Privacy Personal data Compliance

Does your use of CCTV comply with the GDPR?

IT Governance

OCTOBER 3, 2019

You might be surprised to learn that CCTV footage is subject to the GDPR (General Data Protection Regulation). Let’s take a look at the steps you should follow to ensure your video surveillance methods are GDPR-compliant. Let’s take a look at the steps you should follow to ensure your video surveillance methods are GDPR-compliant.

GDPR

GDPR Privacy Personal data Retail

Ireland / Europe: DPC’s record GDPR fine has implications for calculation of GDPR fines and regulatory expectations around transparency rules

DLA Piper Privacy Matters

SEPTEMBER 6, 2021

This is the highest GDPR fine ever issued by the DPC, and the second highest by any EU regulator to date. The DPC issued two draft decisions in May 2020, which were subject to challenge and scrutiny by Concerned Supervisory Authorities in the months which followed, resulting in the GDPR dispute resolution procedure being initiated.

GDPR

GDPR Personal data Communications e-Delivery

Protecting or Posturing: What's Acceptable in New Data Privacy Practices

AIIM

APRIL 13, 2021

He refers to the current attention on privacy matters as “privacy theater,” believing that apps are grabbing more of our data than they need to get the job done, and any assertion that these brands care about our personal data is largely a public relations exercise. and Jasen Hutchinson, Manager, Corporate Records Compliance, JEA.

Data Privacy

Data Privacy Privacy Personal data Artificial Intelligence

CNIL Publishes Initial Assessment on Blockchain and GDPR

Hunton Privacy

OCTOBER 2, 2018

Recently, the French Data Protection Authority (“CNIL”) published its initial assessment of the compatibility of blockchain technology with the EU General Data Protection Regulation (GDPR) and proposed concrete solutions for organizations wishing to use blockchain technology when implementing data processing activities. What is a Blockchain?

Blockchain

Blockchain GDPR Personal data Compliance

Data Protection: Where’s the Brexit Privacy Dividend?

Data Protector

AUGUST 17, 2020

One of the Government's core objectives throughout the Brexit negotiations has been to respect data protection rights, slash Brussels' red tape and allow the United Kingdom to be a competitive safe haven for businesses all over the world. The GDPR has had a profound impact on many organisations. I think it’s worth the effort, though.

Privacy

Privacy GDPR Personal data Computer and Electronics

UK Government sets out proposals to shake up UK data protection laws

Data Protection Report

SEPTEMBER 28, 2021

On 10 September 2021, the UK Government published its consultation paper on proposals to reform the UK’s data protection regime. Core elements of the GDPR: legal bases / conditions. On legitimate interests, the Government proposes disapplying the legitimate interest balancing test for certain activities.

Government

Government FOIA GDPR Compliance

EU: EU Commission publishes its evaluation of GDPR

DLA Piper Privacy Matters

JUNE 25, 2020

On 24 June, the European Commission published its evaluation report of the GDPR, just over two years after the GDPR become applicable. Commissioner Reynders further commented that the past two years have demonstrated the positive effects of the GDPR and that it is flexible tool, as the COVID-19 crisis has shown.

GDPR

GDPR IT Artificial Intelligence Personal data

GDPR: lawful bases for processing, with examples

IT Governance

MARCH 13, 2020

Under the EU GDPR (General Data Protection Regulation) , you need to identify a lawful basis before processing personal data. Lawfulness of processing under the GDPR. First published June 2018. Last updated March 2020. But what is a lawful basis for processing? Do you always need individuals’ consent to process their data?

GDPR

GDPR Personal data Compliance Marketing

GDPR compliance checklist

IBM Big Data Hub

JANUARY 22, 2024

The General Data Protection Regulation (GDPR) is a European Union (EU) law that governs how organizations collect and use personal data. Any company operating in the EU or handling EU residents’ data must adhere to GDPR requirements. However, GDPR compliance is not necessarily a straightforward matter.

GDPR

GDPR Compliance Personal data Privacy

Top tips for data retention under the GDPR

IT Governance

NOVEMBER 12, 2018

Under the GDPR (General Data Protection Regulation) an organisation must not keep data for longer than it is needed. Article 5(1)(e) of the GDPR states: “1. There are no specific retention periods set under the GDPR, so it is up to your organisation to establish or identify them. Setting data retention periods.

GDPR

GDPR Personal data Paper Archiving

Post-GDPR Developments on Data Protection and Privacy Regulations Around the World

Thales Cloud Protection & Licensing

NOVEMBER 14, 2019

For many international agreements, modern data protection and privacy regulations share some common principles, like the need of a data processor to have a legitimate reason for exercising any processing activity. A milestone in data protection – the GDPR. how data involving children is handled).

GDPR

GDPR Privacy Personal data Compliance

CNIL Fines Two Companies of the Carrefour Group €3.05 Million for GDPR and Cookie Violations

Hunton Privacy

DECEMBER 1, 2020

million on Carrefour France and a fine of €800,000 on Carrefour Banque for various violations of the EU General Data Protection Regulation (“GDPR”) and Article 82 of the French Data Protection Act governing the use of cookies. GDPR and Cookie Violations. Background.

GDPR

GDPR Personal data Data collection Marketing

Make data protection training fun with our GDPR Challenge game

IT Governance

FEBRUARY 13, 2020

Thanks to our GDPR Challenge E-learning Game , you can now reap the benefits of gamification when training your staff on their data protection obligations. Our GDPR Challenge E-learning Game contains a variety of data protection problems across a range of business scenarios. What you’ll learn by playing.

GDPR

GDPR Personal data Compliance Access

UK ICO issues largest ever GDPR privacy fine of £183m ($228m)

Data Matters

JULY 8, 2019

Today we saw the ICO issue a notice of its intention to fine British Airways £183.39m for infringements of the GDPR – a record fine and the largest seen in the UK and the EU. This action by the ICO demonstrates that they are prepared to enforce the GDPR and levy significant fines.

GDPR

GDPR Privacy Data breaches Risk

CNIL Publishes Six Step Methodology and Tools to Prepare for GDPR

Hunton Privacy

MARCH 17, 2017

On March 15, 2017, the French data protection authority (the “CNIL”) published a six step methodology and tools for businesses to prepare for the EU General Data Protection Regulation (“GDPR”) that will become applicable on May 25, 2018. This will allow them to be one step ahead and better organized to comply with the upcoming GDPR.

GDPR

GDPR Personal data Compliance Privacy

Data Protection: Whither the EU’s SCCs …

Data Protector

AUGUST 17, 2020

If the UK receives an EU adequacy assessment, presumably the UK Government will simply anglicise the new EU SCCs and ask UK organisations to use the new versions for the Non-EU, UK - Rest of the World data flows. To expect them to commission a similar exercise so soon is cruel (and costly). It could take years to complete.

GDPR

GDPR Personal data Government Privacy

How to implement the General Data Protection Regulation (GDPR)

IBM Big Data Hub

FEBRUARY 23, 2024

The General Data Protection Regulation (GDPR), the European Union’s landmark data privacy law, took effect in 2018. Even the world’s biggest businesses are not free from GDPR woes. Many businesses find it hard to implement GDPR requirements because the law is not only complex but also leaves a lot up to discretion.

GDPR

GDPR Compliance Personal data Privacy

Data governance for data privacy

Collibra

MAY 5, 2020

Organizations may be concerned about negative press and potential fines from the enforcement of GDPR and CCPA. They need data governance. . They need data governance. What does data governance do? Governance delivers the context, relationships, lineage, and access data citizens need to make decisions around data.

Data Privacy

Data Privacy Government Privacy Compliance

EDPB Releases Final Recommendations on Supplementary Measures for International Transfers

Hunton Privacy

JUNE 21, 2021

The mapping exercise should include onward transfers made by processors to whom data is disclosed. Organizations should identify the data transfer mechanism relied on under Chapter V of the GDPR, if necessary. Identify Data Transfer Mechanisms. Consider Supplementary Measures.

GDPR

GDPR Personal data Access Encryption

GDPR: lawful bases for processing, with examples

IT Governance

JUNE 15, 2018

What is a lawful basis for processing under the GDPR? Like the Data Protection Act 1998 (DPA 1998) that it superseded, the General Data Protection Regulation (GDPR) sets out six lawful bases for processing personal data. For tasks carried out in the public interest or exercise of authority vested in the data controller.

GDPR

GDPR Personal data Compliance Privacy

GDPR compliance for professional services firms: time to get on track

IT Governance

APRIL 3, 2018

The General Data Protection Regulation (GDPR)’s compliance deadline is looming. Below is a checklist of ten essential areas of the GDPR that you will need to review as part of your firm’s project. IT Governance is at the forefront of helping organisations globally to address the challenges of GDPR compliance.

GDPR

GDPR Compliance Personal data Risk

How to write a GDPR-compliant data subject access request procedure – with template

IT Governance

NOVEMBER 8, 2018

This blog was originally published before the GDPR took effect in May 2018. This blog explains how to write a GDPR-compliant DSAR (data subject access request) procedure to ensure you meet your obligations as a data controller. Data subject access request procedures under the GDPR. Updated X November 2018.

GDPR

GDPR Access Personal data Compliance

Six months of the GDPR: it’s not too late to comply

IT Governance

NOVEMBER 23, 2018

It’s been six months since the GDPR (General Data Protection Regulation) took effect, and for many people fatigue has already set in: mention the GDPR and you’re likely to get little more than a weary shrug in response. True, the first GDPR fines are yet to be issued, but this should not be a cause for complacency. they say. “No

GDPR

GDPR Compliance Personal data Data breaches

GUEST ESSAY: Leveraging best practices and an open standard to protect corporate data

The Last Watchdog

MARCH 21, 2022

Evolving privacy regulations like the General Data Protection Regulation (GDPR) and California Consumer Privacy Act (CCPA) mean ongoing headaches for cybersecurity, compliance and risk management teams. GDPR requires a designated chief privacy officer (CPO). intelligence community and other government organizations.

Encryption

Encryption Cloud Privacy GDPR

The GDPR: Preparing your organisation for DSARs

IT Governance

JULY 11, 2019

The GDPR (General Data Protection Regulation) has strengthened individuals’ rights to see what information organisations store on them. Their first task will be to decide whether they can comply with the request within the one-month window permitted by the GDPR. Data subjects don’t need to go through a formal process to submit a DSAR.

GDPR

GDPR Personal data Access Data breaches

Is your organisation equipped for long-term GDPR compliance?

IT Governance

MAY 28, 2019

Last week, the GDPR (General Data Protection Regulation) turned one year old. GDPR compliance is an ongoing process and should be embedded by design in your data protection practices. The GDPR is as broad as possible when it comes to the security measures that organisations should implement.

GDPR

GDPR Compliance Personal data Risk

What are the Data Subject Rights under the GDPR?

IT Governance

NOVEMBER 15, 2018

This blog was originally published before the GDPR took effect in May 2018. The EU GDPR (General Data Protection Regulation) gives individuals eight rights relating to their personal data. Organisations must let individuals know how they can exercise these rights, and meet requests promptly. Learn more about the GDPR.

GDPR

GDPR Personal data Access Communications

California Enacts Broad Privacy Laws Modeled on GDPR

Data Matters

JUNE 29, 2018

According to the bill’s author, it was consciously designed to emulate the new European General Data Protection Regulation (GDPR) that went into effect on May 25, and if and when it goes into effect, it would constitute the broadest privacy law in the United States. law, consumers and the marketplace have been comfortable with to date.

GDPR

GDPR Privacy Sales Data breaches

Subject Access Requests in Scotland: Do you know what data is held about you?

IT Governance

NOVEMBER 12, 2018

The impact of the GDPR (General Data Protection Regulation) in Scotland is greater than most realise. One of the rights amended by the GDPR is the right of access. Some of the major Scottish organisations which you can request your data from include: National Records of Scotland , Scottish Government , Police Scotland and NHS Scotland.

Access

Access GDPR Personal data Retail

Why data subject access requests have become more common under the GDPR

IT Governance

JULY 15, 2019

That shouldn’t be a surprise, given that the spike correlates with the GDPR (General Data Protection Regulation) taking effect. But why exactly has the GDPR caused everyone to rush off to find out what information organisations store on them? The GDPR has scrapped the £10 fee that organisations could charge to fulfil a DSAR.

GDPR

GDPR Access Data Privacy Personal data

European Commission Releases Assessment of the EU Member States’ Rules on Health Data in Light of GDPR

Data Matters

MARCH 9, 2021

On February 12, 2021, the European Commission ( Commission ) published an “Assessment of the EU Member States’ rules on health data in the light of GDPR” (the Assessment ). With the Assessment, the Commission sought to examine and analyse the Member States’ rules that govern the processing of health data. primary use.

GDPR

GDPR e-Delivery Government Access

France: The CNIL publishes a practical guide on Data Protection Officers

DLA Piper Privacy Matters

NOVEMBER 29, 2021

The guide is in line with the Article 29 Working Party Guidelines on Data Protection Officers (WP 243 rev 01) , but provides additional insights and practical guidance to organizations that designate a DPO in respect of GDPR and French data protection act requirements. Be the point of contact on GDPR issues.

GDPR

GDPR Compliance Personal data Communications

How to comply with Article 30 of the GDPR

IT Governance

JUNE 21, 2018

Article 30 of the EU General Data Protection Regulation (GDPR) sets out what exactly organisations need to document in order to comply with the Regulation. You might be surprised at how often your information is copied or transferred, which is why the GDPR makes it such a top priority. What does Article 30 require? Formats (e.g.

GDPR

GDPR Personal data Risk Cloud

EU privacy non-profit group filed complaints against TikTok, SHEIN, AliExpress, and other Chinese companies

UK GDPR Reform: government publishes response to consultation – likely to form basis of forthcoming UK Data Reform Bill

Webinars

Trending Sources

The Tension between GDPR and Blockchain: Are they Polar Opposites or Can they Co-exist

Webinars

IRELAND: First GDPR fine issued in Ireland

Guest Post - Three Critical Steps for GDPR Compliance

GDPR Article 17: What Is the Right to Erasure?

GDPR Compliance Obligations: The relationship between Data Controllers and Third-Party Processors

GUEST ESSAY: Top 5 cyber exposures tied to the rising use of international remote workforces

GDPR Data Subject Access Requests: How to Respond

List of free GDPR resources and templates

The European Commission’s GDPR review in short

Does your use of CCTV comply with the GDPR?

Ireland / Europe: DPC’s record GDPR fine has implications for calculation of GDPR fines and regulatory expectations around transparency rules

Protecting or Posturing: What's Acceptable in New Data Privacy Practices

CNIL Publishes Initial Assessment on Blockchain and GDPR

Data Protection: Where’s the Brexit Privacy Dividend?

UK Government sets out proposals to shake up UK data protection laws

EU: EU Commission publishes its evaluation of GDPR

GDPR: lawful bases for processing, with examples

GDPR compliance checklist

Top tips for data retention under the GDPR

Post-GDPR Developments on Data Protection and Privacy Regulations Around the World

CNIL Fines Two Companies of the Carrefour Group €3.05 Million for GDPR and Cookie Violations

Make data protection training fun with our GDPR Challenge game

UK ICO issues largest ever GDPR privacy fine of £183m ($228m)

CNIL Publishes Six Step Methodology and Tools to Prepare for GDPR

Data Protection: Whither the EU’s SCCs …

How to implement the General Data Protection Regulation (GDPR)

Data governance for data privacy

EDPB Releases Final Recommendations on Supplementary Measures for International Transfers

GDPR: lawful bases for processing, with examples

GDPR compliance for professional services firms: time to get on track

How to write a GDPR-compliant data subject access request procedure – with template

Six months of the GDPR: it’s not too late to comply

GUEST ESSAY: Leveraging best practices and an open standard to protect corporate data

The GDPR: Preparing your organisation for DSARs

Is your organisation equipped for long-term GDPR compliance?

What are the Data Subject Rights under the GDPR?

California Enacts Broad Privacy Laws Modeled on GDPR

Subject Access Requests in Scotland: Do you know what data is held about you?

Why data subject access requests have become more common under the GDPR

European Commission Releases Assessment of the EU Member States’ Rules on Health Data in Light of GDPR

France: The CNIL publishes a practical guide on Data Protection Officers

How to comply with Article 30 of the GDPR

Stay Connected