BigID_ad_781_111_advanced2_071108
MediaPro_2018EyeOnPrivacyReport_728x90_061518
TR_DPA_Confidence Matters_Woman_v2_S063545_gif_728x90_ros_020718
WC_GigyaSAP_080218
PSR18_Web_300x250-COPY
PrivacyTraining_ad300x250.Promo1-01
Notes from the IAPP DPO on how she's doing her work.

DPO Confessional: The prep for GDPR Day

Rita Heimes, CIPP/E, CIPP/US, CIPM
‘Twas the night before GDPR…. May 25 feels like a holiday of sorts. Not because there’s anything to celebrate or honor, necessarily, but because preparing for it was much like getting ready to have guests visit the house. Guests one really wants to or needs to impress, moreover, like the in-laws or...
DPO Confessional: Think globally, but direct market locally
Rita Heimes, CIPP/E, CIPP/US, CIPM
2
Like many privacy lawyers, I came to the field from an intellectual property law practice. Property rights are inherently territorial, so holding a patent or trademark in one country does not provide enforcement rights in another; one must register anew in each territory of interest.  This is a bit...
Explaining the GDPR to an American
Rita Heimes, CIPP/E, CIPP/US, CIPM
14
Law students at American law schools take property, torts, and contracts during their first year. It is difficult not to view consumer privacy interests through one or more of those lenses, particularly when U.S. consumer privacy law has been based on a notice and consent, enforced by principles of ...
Responding to subject access requests
Rita Heimes, CIPP/E, CIPP/US, CIPM
1
IAPP Research Director and DPO Rita Heimes, CIPP/E, CIPP/US, CIPM, discusses the challenges of responding to subject access requests and offers a step-by-step look into her process in this DPO Confessional post....
Making a (privacy) statement
Rita Heimes, CIPP/E, CIPP/US, CIPM
1
This week, the IAPP posted a new privacy statement. We encourage our members not only to read it so they can better understand what personal information the IAPP collects and how it’s processed, but also to provide feedback, comments and suggestions on what might be missing or how it can be improved...
When is a vendor a processor?
Rita Heimes, CIPP/E, CIPP/US, CIPM
2
Privacy professionals have been involving themselves in their organizations’ vendor management programs for a few years now. Indeed, according to the 2016 IAPP-EY Privacy Governance Survey, 70 percent of respondents (up from 63 percent in 2015) were involved in a formal vendor management program — a...
The GDPR in 20 Minutes
Dan McCue
11
In June of this year, I started an internship at the IAPP as the University of Maine School of Law’s inaugural Privacy Fellow. My goal was to spend the summer helping the IAPP’s Data Protection Officer, Rita Heimes, CIPP/US, CIPM, work toward IAPP compliance with the upcoming General Data Protection...
The case of the unsolicited email
Rita Heimes, CIPP/E, CIPP/US, CIPM
2
Privacy and data protection issues do not present themselves in any particular order, so when starting out as a data protection officer, one has to be able to address the most pressing privacy issues “on the fly” while simultaneously moving methodically through a GDPR-readiness program. For the IAP...