Exercises, GDPR and Security - Information Management Today

GDPR compliance checklist

IBM Big Data Hub

JANUARY 22, 2024

The General Data Protection Regulation (GDPR) is a European Union (EU) law that governs how organizations collect and use personal data. Any company operating in the EU or handling EU residents’ data must adhere to GDPR requirements. However, GDPR compliance is not necessarily a straightforward matter.

GDPR

GDPR Compliance Personal data Privacy

How Organisations Are Failing to Process Personal Data Lawfully Under the GDPR

IT Governance

NOVEMBER 4, 2024

Problems with consent, purpose limitation, retention periods, and more At the heart of the GDPR (General Data Protection Regulation) lie the Article 5 data protection principles. How are organisations failing to process personal data lawfully under the GDPR, and how can they address this while improving their day-to-day business operations?

Personal data

Personal data GDPR Marketing Archiving

Streamlining GDPR Compliance With ROPAs, Data Flow Maps and DPIAs

IT Governance

AUGUST 8, 2024

A GDPR one-stop shop Few people like spreadsheets. Similarly, few people enjoy complex compliance, with documentation scattered in many places, giving you a headache when anything GDPR (General Data Protection Regulation) crops up. This blog also covers how to automate GDPR compliance. Fewer still like multiple spreadsheets.

GDPR

GDPR Compliance Personal data Risk

Webinars

Improving the Accuracy of Generative AI Systems: A Structured Approach

MORE WEBINARS

Are you ready for a cyberattack?

OpenText Information Management

JUNE 4, 2024

This is where Tabletop Exercises (or incident response simulations), come into play. These exercises are essential for preparing your organization to effectively respond to a cyberattack. Even the most advanced security systems can be rendered ineffective without a well-prepared team with clear processes.

Security awareness

Security awareness Cybersecurity Compliance GDPR

How to implement the General Data Protection Regulation (GDPR)

IBM Big Data Hub

FEBRUARY 23, 2024

The General Data Protection Regulation (GDPR), the European Union’s landmark data privacy law, took effect in 2018. Even the world’s biggest businesses are not free from GDPR woes. Many businesses find it hard to implement GDPR requirements because the law is not only complex but also leaves a lot up to discretion.

GDPR

GDPR Compliance Personal data Privacy

IRELAND: First GDPR fine issued in Ireland

DLA Piper Privacy Matters

MAY 19, 2020

Tusla, Ireland’s child and family agency, has become the first organisation fined under the GDPR in Ireland. Organisations must ensure they have robust access controls and security measures in place to prevent against unauthorised disclosure. Eilis McDonald & John Magee.

GDPR

GDPR Personal data Government Paper

Dutch DPA Issues Record Fine for Violating GDPR Data Subject Rights

HL Chronicle of Data Protection

JULY 7, 2020

Under the European Union’s General Data Protection Regulation (GDPR), individuals have the right to access personal data collected about them, and to exercise that right easily and at reasonable intervals. The Dutch Data Protection Authority received complaints about the high standard BKR had set for accessing personal data.

GDPR

GDPR Personal data Data collection Access

Ireland / Europe: DPC’s record GDPR fine has implications for calculation of GDPR fines and regulatory expectations around transparency rules

DLA Piper Privacy Matters

SEPTEMBER 6, 2021

This is the highest GDPR fine ever issued by the DPC, and the second highest by any EU regulator to date. The DPC issued two draft decisions in May 2020, which were subject to challenge and scrutiny by Concerned Supervisory Authorities in the months which followed, resulting in the GDPR dispute resolution procedure being initiated.

GDPR

GDPR Personal data Communications e-Delivery

The European Commission’s GDPR review in short

Privacy and Cybersecurity Law

JULY 22, 2020

Two years after the GDPR entered into force, the European Commission ( EC ) issued its first evaluation of the GDPR. Individuals are increasingly aware of the GDPR and their GDPR rights. The GDPR’s international data transfer toolbox. We have addressed the key points from the EC’s evaluation below.

GDPR

GDPR Privacy Personal data Compliance

Irish Commissioner Fines WhatsApp €225 Million For GDPR Violations

Hunton Privacy

SEPTEMBER 3, 2021

On September 2, 2021, Ireland’s Data Protection Commission (“DPC”) announced a fine of €225 million ($266 million) against WhatsApp Ireland Ltd (“WhatsApp”) for failure to meet the transparency requirements of Articles 12-14 of the EU General Data Protection Regulation (“GDPR”). Eight other EU regulators objected to the DPC’s draft decision.

GDPR

GDPR Compliance Personal data IT

Belgian DPA Finds IAB Europe Transparency and Consent Framework in Violation of the GDPR

Hunton Privacy

FEBRUARY 3, 2022

The TCF is a GDPR consent solution developed by IAB Europe that has become a widely used approach to collecting and managing consent for targeted advertising cookies in the EU. Accountability, Security, and Data Protection by Design and By Default. Audit participating organizations to ensure they comply with the GDPR.

GDPR

GDPR Personal data Marketing IT

List of free GDPR resources and templates

IT Governance

NOVEMBER 14, 2018

This blog was originally published before the GDPR took effect in May 2018. The EU’s GDPR (General Data Protection Regulation) requires all organisations that process EU residents’ personal data to abide by its strict terms. Webinar titles include: Risk assessments and applying organisational controls for GDPR compliance.

GDPR

GDPR Data breaches Compliance Paper

Guest Post - Three Critical Steps for GDPR Compliance

AIIM

JANUARY 17, 2018

You might also be interested in: Mitigate Data Privacy and Security Risks with Machine Learning. The Privacy and Security Dichotomy. GDPR and Cross Border Data Flows between the EU and the US: Current State of the Law. What Do the GDPR and new Privacy Laws Mean for U.S. GDPR Compliance Starts with Data Discovery.

GDPR

GDPR Compliance Data collection Privacy

UK ICO issues largest ever GDPR privacy fine of £183m ($228m)

Data Matters

JULY 8, 2019

Today we saw the ICO issue a notice of its intention to fine British Airways £183.39m for infringements of the GDPR – a record fine and the largest seen in the UK and the EU. This action by the ICO demonstrates that they are prepared to enforce the GDPR and levy significant fines.

GDPR

GDPR Privacy Data breaches Risk

Does your use of CCTV comply with the GDPR?

IT Governance

OCTOBER 3, 2019

You might be surprised to learn that CCTV footage is subject to the GDPR (General Data Protection Regulation). Let’s take a look at the steps you should follow to ensure your video surveillance methods are GDPR-compliant. Let’s take a look at the steps you should follow to ensure your video surveillance methods are GDPR-compliant.

GDPR

GDPR Privacy Retail Personal data

CNIL Publishes Initial Assessment on Blockchain and GDPR

Hunton Privacy

OCTOBER 2, 2018

Recently, the French Data Protection Authority (“CNIL”) published its initial assessment of the compatibility of blockchain technology with the EU General Data Protection Regulation (GDPR) and proposed concrete solutions for organizations wishing to use blockchain technology when implementing data processing activities. What is a Blockchain?

Blockchain

Blockchain GDPR Personal data Compliance

GDPR: One Year On

Data Matters

MAY 31, 2019

The 25th of May, 2019 marked a year since the EU General Data Protection Regulation (“ GDPR ”) came into force. Perhaps of most interest has been how the data protection authorities (“ DPAs ”) would exercise their expanded enforcement powers under the GDPR. Data Breaches and Enforcement Action. Privacy Awareness and Litigation.

GDPR

GDPR Data breaches Privacy Compliance

CNIL Fines Two Companies of the Carrefour Group €3.05 Million for GDPR and Cookie Violations

Hunton Privacy

DECEMBER 1, 2020

million on Carrefour France and a fine of €800,000 on Carrefour Banque for various violations of the EU General Data Protection Regulation (“GDPR”) and Article 82 of the French Data Protection Act governing the use of cookies. GDPR and Cookie Violations. Background.

GDPR

GDPR Personal data Data collection Marketing

German DSK Issues GDPR Fining Methodology Guidelines

Data Matters

DECEMBER 9, 2019

Recently, the Association of German Data Protection Authorities (“ Datenschutzkonferenz ” or “DSK”) issued guidelines setting a GDPR fining methodology (“Fining Methodology”). GDPR enforcement across the EU has picked up over the past year. The involvement of an entity is triggered when it exercises ‘decisive influence’.

GDPR

GDPR Personal data Privacy Manufacturing

German DSK Issues GDPR Fining Methodology Guidelines

Data Matters

DECEMBER 9, 2019

Recently, the Association of German Data Protection Authorities (“ Datenschutzkonferenz ” or “DSK”) issued guidelines setting a GDPR fining methodology (“Fining Methodology”). GDPR enforcement across the EU has picked up over the past year. The involvement of an entity is triggered when it exercises ‘decisive influence’.

GDPR

GDPR Personal data Privacy Manufacturing

GDPR Compliance Obligations: The relationship between Data Controllers and Third-Party Processors

AIIM

JULY 24, 2018

You might also be interested in: The Re-Permissioning Dilemma Under GDPR. Data Privacy and Open Data: Secondary Uses under GDPR. Three Critical Steps for GDPR Compliance. Mitigate Data Privacy and Security Risks with Machine Learning. The Privacy and Security Dichotomy. GDPR Compliance Starts with Data Discovery.

GDPR

GDPR Compliance Privacy Data Privacy

EDPB Publishes Guidelines on the Concepts of Controller and Processor in the GDPR

Hunton Privacy

SEPTEMBER 10, 2020

On September 7, 2020, the European Data Protection Board (“EDPB”) released draft Guidelines 07/2020 on the concepts of controller and processor in the EU General Data Protection Regulation (“GDPR”) (the “Guidelines”). However, the GDPR has introduced new obligations on those actors.

GDPR

GDPR Personal data Data breaches Compliance

Post-GDPR Developments on Data Protection and Privacy Regulations Around the World

Thales Cloud Protection & Licensing

NOVEMBER 14, 2019

Reviewing the negative effects of high-profile breaches and security incidents on organizations globally, it is apparent that for a digital economy to function properly, data protection and privacy is directly related to the level of commerce quality. A milestone in data protection – the GDPR.

GDPR

GDPR Privacy Compliance Personal data

Driving GDPR Compliance

Collibra

FEBRUARY 25, 2021

The General Data Protection Regulation (GDPR) mandates businesses to make provisions for EU citizens to exercise their right to access and control their personal data, including the export of personal data outside the EU. But hurriedly planning for the GDPR is not the solution. Six phases of GDPR compliance.

GDPR

GDPR Compliance Personal data Data Privacy

A guide to cyber security for marketing agencies

IT Governance

FEBRUARY 9, 2021

If your marketing agency is under the impression that cyber security is strictly an IT issue, you should think again. Effective security is a company-wide commitment, and marketers play one of the most crucial roles. The system helps organisations manage, monitor and improve their security practices in one place.

Marketing

Marketing Security GDPR Privacy

Is your organisation equipped for long-term GDPR compliance?

IT Governance

MAY 28, 2019

Last week, the GDPR (General Data Protection Regulation) turned one year old. GDPR compliance is an ongoing process and should be embedded by design in your data protection practices. The GDPR is as broad as possible when it comes to the security measures that organisations should implement.

GDPR

GDPR Compliance Personal data Risk

EDPB Releases Overview on the Implementation and Enforcement of the GDPR

Hunton Privacy

MARCH 8, 2019

The Overview provides key statistics relating to the consistency mechanism among national data protection authorities (“DPAs”), the cooperation mechanism of the EDPB, the means and powers of the DPAs and enforcement of the GDPR at the national level. Implementation and Enforcement of the GDPR at National Level.

GDPR

GDPR Data breaches Personal data Marketing

Six months of the GDPR: it’s not too late to comply

IT Governance

NOVEMBER 23, 2018

It’s been six months since the GDPR (General Data Protection Regulation) took effect, and for many people fatigue has already set in: mention the GDPR and you’re likely to get little more than a weary shrug in response. True, the first GDPR fines are yet to be issued, but this should not be a cause for complacency. they say. “No

GDPR

GDPR Compliance Personal data Data breaches

What (currently ignored) privacy area might result in early enforcement action when the GDPR is in force?

Data Protector

JANUARY 29, 2017

And also, what standard of evidence is necessary to be generated, just in case privacy regulators exercise their Article 30(4) right to request it. Because the other firm had decided to focus on some obscure GDPR issues that the original firm didn’t think were particularly relevant. Does this matter? I’m not aware of many cases.

GDPR

GDPR Privacy Compliance Personal data

Will reforms take the DP out of GDPR?

CILIP

NOVEMBER 16, 2021

Will reforms take the DP out of GDPR? It aims to change the UK GDPR regime from a ?box-ticking? exercise to a risk-management one, and aims to do so without threatening the data security of individuals. t see the risk coming from undermining data security, but from inadvertently raising new barriers to trade.

GDPR

GDPR Personal data Government Risk

What Is a SaaS Security Checklist? Tips & Free Template

eSecurity Planet

APRIL 9, 2024

SaaS security checklists are frameworks for protecting data and applications in cloud-based environments. They serve as benchmarks for upholding strong security requirements, evaluating existing tools, and assessing potential solutions. We’ve designed a customizable template to help you develop your own SaaS security checklist.

Security

Security Compliance Cybersecurity Communications

CCTV and the GDPR – an overview for small businesses

IT Governance

JULY 25, 2018

As of 25 May 2018, organisations that use CCTV to capture images of individuals are processing personal data as defined by the GDPR (General Data Protection Regulation) and must comply with the Regulation’s requirements. You can find more information about GDPR compliance on our website >> Data processing principles (Article 5).

GDPR

GDPR Personal data Privacy Access

GDPR – The Work Ahead

HL Chronicle of Data Protection

MAY 9, 2019

A year has gone by since the General Data Protection Regulation (Regulation (EU) 2016/679) (‘GDPR’) became effective and the digital economy is still going and growing. The effect of the GDPR has been noticeable, but in a subtle sort of way. So what are the important areas of focus to achieve GDPR compliance?

GDPR

GDPR Compliance Privacy Personal data

Spanish Senate signs-off new GDPR-compliant Data Protection Act

DLA Piper Privacy Matters

NOVEMBER 21, 2018

After a very long delay and amidst rumors that the Spanish Parliament could be dissolved and early elections called, the Spanish Senate speedily dismissed all the proposals for further changes and approved the new GDPR-compliant Spanish Data Protection Act on Wednesday 21 November 2018.

GDPR

GDPR Personal data Access Education

Data Protection: Where’s the Brexit Privacy Dividend?

Data Protector

AUGUST 17, 2020

If the EU’s ‘level data protection playing field’ means continuing to fully implement all aspects of European data protection law, including all aspects of the two-year-old General Data Protection Regulation (GDPR), then what was the point of Brexit? The GDPR has had a profound impact on many organisations.

Privacy

Privacy GDPR Personal data Computer and Electronics

How to write a GDPR-compliant data subject access request procedure

IT Governance

MARCH 20, 2018

In the lead up to May, it is important your organisation prioritises steps to prove that you are making an effort to comply with the EU General Data Protection Regulation (GDPR). D ata subject access request procedures under the GDPR. Two licences for the GDPR Staff Awareness E-learning Course.

GDPR

GDPR Access Personal data Compliance

Cloud Security Fundamentals: Understanding the Basics

eSecurity Planet

MAY 24, 2024

Cloud security fundamentals are the core requirements that ensure data protection, regulatory compliance, and access management in a cloud environment. Understanding cloud security challenges and knowing the cloud security tools available in the market significantly contribute to enhanced cloud security.

Cloud

Cloud Security Compliance Encryption

Why data subject access requests have become more common under the GDPR

IT Governance

JULY 15, 2019

That shouldn’t be a surprise, given that the spike correlates with the GDPR (General Data Protection Regulation) taking effect. But why exactly has the GDPR caused everyone to rush off to find out what information organisations store on them? The GDPR has scrapped the £10 fee that organisations could charge to fulfil a DSAR.

GDPR

GDPR Access Data Privacy Personal data

European Commission Releases Assessment of the EU Member States’ Rules on Health Data in Light of GDPR

Data Matters

MARCH 9, 2021

On February 12, 2021, the European Commission ( Commission ) published an “Assessment of the EU Member States’ rules on health data in the light of GDPR” (the Assessment ). In turn, this has led to a fragmented approach to the processing of health data for health and research purposes across the EU. primary use.

GDPR

GDPR e-Delivery Government Access

CNIL Publishes Six Step Methodology and Tools to Prepare for GDPR

Hunton Privacy

MARCH 17, 2017

On March 15, 2017, the French data protection authority (the “CNIL”) published a six step methodology and tools for businesses to prepare for the EU General Data Protection Regulation (“GDPR”) that will become applicable on May 25, 2018. This will allow them to be one step ahead and better organized to comply with the upcoming GDPR.

GDPR

GDPR Personal data Compliance Privacy

GUEST ESSAY: Top 5 cyber exposures tied to the rising use of international remote workforces

The Last Watchdog

AUGUST 23, 2021

With many employees now working remotely, securing company data isn’t as straightforward as it used to be. International workforces can be an excellent way to find top talent, but they can introduce unique security risks. Countries have different data security laws, and these can get in the way of one another.

Communications

Communications Cybersecurity GDPR Risk

Multi-Tenancy Cloud Security: Definition & Best Practices

eSecurity Planet

NOVEMBER 1, 2023

Multi-tenant cloud environments can present greater security challenges than dedicated private cloud environments, and as with all cloud models, the customer is responsible for a good portion of that security. We’ll take a look at the risks and controls needed to secure multi-tenant cloud environments.

Cloud

Cloud Security Data breaches Encryption

GDPR Training in Belfast – save 10%

IT Governance

DECEMBER 18, 2017

Many organisations are struggling to fill a skills gap created by the EU General Data Protection Regulation (GDPR) and need staff with knowledge of the Regulation. IT Governance runs two levels of GDPR training courses across the UK to train staff on the Regulation, giving them the knowledge required to manage a GDPR compliance project.

GDPR

GDPR Personal data Compliance Data breaches

The GDPR: Preparing your organisation for DSARs

IT Governance

JULY 11, 2019

The GDPR (General Data Protection Regulation) has strengthened individuals’ rights to see what information organisations store on them. Their first task will be to decide whether they can comply with the request within the one-month window permitted by the GDPR. This will be the case for data that’s walled off for security purposes.

GDPR

GDPR Personal data Access Data breaches

GDPR compliance checklist

How Organisations Are Failing to Process Personal Data Lawfully Under the GDPR

Webinars

Trending Sources

Streamlining GDPR Compliance With ROPAs, Data Flow Maps and DPIAs

Webinars

Are you ready for a cyberattack?

How to implement the General Data Protection Regulation (GDPR)

IRELAND: First GDPR fine issued in Ireland

Dutch DPA Issues Record Fine for Violating GDPR Data Subject Rights

Ireland / Europe: DPC’s record GDPR fine has implications for calculation of GDPR fines and regulatory expectations around transparency rules

The European Commission’s GDPR review in short

Irish Commissioner Fines WhatsApp €225 Million For GDPR Violations

Belgian DPA Finds IAB Europe Transparency and Consent Framework in Violation of the GDPR

List of free GDPR resources and templates

Guest Post - Three Critical Steps for GDPR Compliance

UK ICO issues largest ever GDPR privacy fine of £183m ($228m)

Does your use of CCTV comply with the GDPR?

CNIL Publishes Initial Assessment on Blockchain and GDPR

GDPR: One Year On

CNIL Fines Two Companies of the Carrefour Group €3.05 Million for GDPR and Cookie Violations

German DSK Issues GDPR Fining Methodology Guidelines

German DSK Issues GDPR Fining Methodology Guidelines

GDPR Compliance Obligations: The relationship between Data Controllers and Third-Party Processors

EDPB Publishes Guidelines on the Concepts of Controller and Processor in the GDPR

Post-GDPR Developments on Data Protection and Privacy Regulations Around the World

Driving GDPR Compliance

A guide to cyber security for marketing agencies

Is your organisation equipped for long-term GDPR compliance?

EDPB Releases Overview on the Implementation and Enforcement of the GDPR

Six months of the GDPR: it’s not too late to comply

What (currently ignored) privacy area might result in early enforcement action when the GDPR is in force?

Will reforms take the DP out of GDPR?

What Is a SaaS Security Checklist? Tips & Free Template

CCTV and the GDPR – an overview for small businesses

GDPR – The Work Ahead

Spanish Senate signs-off new GDPR-compliant Data Protection Act

Data Protection: Where’s the Brexit Privacy Dividend?

How to write a GDPR-compliant data subject access request procedure

Cloud Security Fundamentals: Understanding the Basics

Why data subject access requests have become more common under the GDPR

European Commission Releases Assessment of the EU Member States’ Rules on Health Data in Light of GDPR

CNIL Publishes Six Step Methodology and Tools to Prepare for GDPR

GUEST ESSAY: Top 5 cyber exposures tied to the rising use of international remote workforces

Multi-Tenancy Cloud Security: Definition & Best Practices

GDPR Training in Belfast – save 10%

The GDPR: Preparing your organisation for DSARs

Stay Connected