Browse Topics

Recently Added Resources

ePrivacy and Data Protection: Who Watches the Watchers? — How Regulation Could Alter the Path of Innovation

This report from Citi GPS: Global Perspectives & Solutions looks at how consumers are tracked, and how the data that is collected and analyzed is then used by organizations. It then looks at how consumers themselves perceive the topic of privacy and why regulators increasingly feel the need to intervene. Finally Citi conducts a series of case studies with third-party contributors such as Vodafone, Aviva, and even Citi to assess the challenges associated with adapting to the new landscape. Th... Read More

Trends in State Cybersecurity Laws & Legislation

This slide deck from Pam Greenberg, CIPP/US, of the National Conference of State Legislatures offers an overview of state laws relating to cybersecurity, including maps showing what states have data disposal laws, data security laws, and more.View Deck (PDF 795K)... Read More

Ask the DPO Web Conference Series

As most privacy professionals know by now, the GDPR will come into force in May of 2018. The list of data governance issues to be tackled is large, with many new requirements for anyone doing business with EU citizens. Many organizations, in fact, will have to appoint a data protection officer with specific tasks and responsibilities. Given these new demands, the IAPP has arranged for DPOs and privacy leaders who run some of the world’s leading privacy programs at organizations in the EU and aro... Read More

Incident Response: Three-part series

This three-part series by Mahmood Sher-Jan first published in The Privacy Advisor in early 2017. Find all three articles below. Part 1: Building your incident response team: It takes a village In today’s threat-filled world, sensitive customer information is constantly at risk for exposure. 2017 will be no different with cyberattacks, ransomware, spear phishing, malware, system and process failure, employee negligence, lost or stolen devices. There is no better time than the present to assembl... Read More

Taking the U.K. Pulse: GDPR and Brexit

This report summarizes the findings of an IAPP survey of privacy professionals at more than 200 U.K. organizations on how they are preparing for Brexit and the GDPR and about their major compliance concerns. The findings include the fact that a large percentage of privacy professionals believe the GDPR must be complied with immediately, regardless of Brexit's results, and then a categorization on what they're doing to prepare and a ranking of the hardest compliance tasks.Read Now... Read More

IAPP-OneTrust Assessment Automation

The IAPP-OneTrust PIA Platform and The IAPP-OneTrust EU Data Transfer Kit The IAPP and OneTrust have partnered to help organizations across the globe automate privacy and readiness impact assessments. These free, online, and comprehensive tools help organizations operationalize their privacy strategies in an agile, cross-jurisdictional and GDPR compliant approach. Through enterprise-grade automation, flexibility and customization, the IAPP-OneTrust PIA Platform and EU Data Transfer Kit provid... Read More

IAPP-OneTrust Website Scanning & Cookie Compliance Tool

Featuring Continuous website scanning for one website Centralized dashboard Step-by-step cookie banner and policy generator Flexible consent manager Customizable visitor preferences center Integrated with the IAPP-OneTrust PIA Platform How It Works The IAPP and OneTrust have partnered to provide a free, comprehensive, online platform to help organizations operationalize their privacy strategies in an agile, cross-jurisdictional and GDPR compliant approach. Our latest offering pr... Read More

Privacy by state scores

This map from Comparitech uses 14 criteria to score states' privacy protections. The criteria range from laws that govern how companies can use and disclose customer data to those that protect journalists, children, and employees.View Map... Read More

Consultation: GDPR consent guidance (draft)

This draft guidance from the U.K. Information Commissioner’s Office complements the commissioner’s overview of the GDPR, offering more detailed, practical guidance for U.K. organizations on consent under the EU General Data Protection Regulation. Read Now (PDF 258K)... Read More

Personal Data (Privacy) Law in Hong Kong

This guidance from Hong Kong’s Privacy Commissioner for Personal Data includes chapters on the meaning of personal data and collect data user under the country’s Personal Data (Privacy) Ordinance. It also includes overall guidance on the principles outlined in the ordinance. Read Now... Read More