France's data protection authority, the CNIL, has released guidance on the standards organizations must meet to share information with business partners and data brokers, with a focus on compliance under the EU General Data Protection Regulation, according to a post from Hunton Andrews Kurth's Privacy & Information Security Law Blog. The CNIL guidance states companies that share data with these parties must first obtain consent from the data subject before any information is passed along, identify the third parties that will receive the data, and inform data subjects should the list of entities that will obtain the data change.
Full Story
2 Comments
If you want to comment on this post, you need to login.