The IAPP's top-five most-read stories, May 17–23, 2019

(May 24, 2019) We know, there's lots of privacy news, guidance and documentation to keep up with every day. And we also know, you're busy doing all the things required of the modern privacy professional. Sure, we distill the latest news and relevant content down in the Daily Dashboard and our weekly regional digests, but sometimes that's even too much. To help, we offer our top-five, most-read stories of the week. Though May 25 lands on a Saturday this year, much of this last week involved data and reflection... Read More

Indiana medical records service reaches $100K settlement over HIPAA violations

(May 24, 2019) The U.S. Department of Health and Human Services reports its Office for Civil Rights has received a $100,000 settlement from Medical Informatics Engineering, an Indiana-based medical records service, for Health Insurance Portability and Accountability Act violations. The OCR found MIE did not perform a proper risk assessment of its cybersecurity before a breach in 2015 that exposed the electronic health records of 3.5 million patients. “Entities entrusted with medical records must be on guard ag... Read More

Colombian DPA hands down fines for lacking data protection

(May 24, 2019) Colombia's data protection authority, Superintendencia de Industria y Comercio, has announced it has imposed fines of 496,899,600 and 298,121,760 pesos to Banco Falabella and delivery startup Rappi respectively for failure to implement data protection policies. Following citizen complaints, investigations revealed the organizations improperly used data for either advertising and marketing purposes, while neither responded to consumers' data claims within the government-mandated 15-day period. Ba... Read More

US lawmakers seek to curb warrantless device searches at the border

(May 24, 2019) U.S. Sens. Ron Wyden, D-Ore., and Rand Paul, R-Ky., introduced the Protecting Data at the Border Act, which would require federal agents to obtain a warrant before searching the personal devices of U.S. residents crossing the border, Nextgov reports. Rep. Ted Lieu, D-Calif., introduced a companion bill in the House of Representatives. Currently, Customs and Border Protection can search devices without a warrant or probable cause. If the legislation is enacted, agents would have to obtain “a vali... Read More

Sen. Jackson speaks on CCPA amendments

(May 24, 2019) State Sen. Hannah-Beth Jackson, D-Calif., is still fighting for a more stringent California Consumer Privacy Act despite having her proposed bill killed, The New York Times reports. Jackson said her proposal of adding a private right of action to the CCPA would have "put some real teeth into the enforcement mechanism" and stood by the notion that such a clause would not put a burden on the court system or come with added costs. When it comes to the bills still in play regarding CCPA reform, Jack... Read More

The IAPP's top-five most-read stories since May 17, 2019

(May 24, 2019) We know, there's lots of privacy news, guidance and documentation to keep up with every day. And we also know, you're busy doing all the things required of the modern privacy professional. Sure, we distill the latest news and relevant content down in the Daily Dashboard and our weekly regional digests, but sometimes that's even too much. To help, we offer our top-five, most-read stories of the week. Full Story... Read More

Therrien talks Digital Charter, trans-border consultation at CPS19

(May 24, 2019) Privacy Commissioner of Canada Daniel Therrien believes the question about whether privacy legislation should be amended is in the past. It is no longer should the country's privacy laws be amended, but what is the best way to do so, and with the announcement of the country's Digital Charter, the commissioner said the federal government seems to agree. Therrien covered the latest development during his keynote speech at the IAPP Canada Privacy Symposium. The commissioner also announced his offic... Read More

Therrien speaks on Digital Charter, trans-border data flow consultation at CPS19

(May 24, 2019) Privacy Commissioner of Canada Daniel Therrien believes the question about whether privacy legislation should be amended is in the past. It is no longer should the country's privacy laws be amended, but what is the best way to do so, and with the announcement of the country's Digital Charter, the commissioner said the federal government seems to agree. Therrien covered the latest development during his keynote speech at the IAPP Canada Privacy Symposium here in Toronto. The commissioner also an... Read More

British Columbia privacy commissioner lacks jurisdiction on alleged hiding of public records

(May 24, 2019) Information and Privacy Commissioner for British Columbia Michael McEvoy does not have the power to investigate whether Minister of Citizens' Services Jinny Sims hid communications and decisions in order to exclude them from freedom-of-information requests, the Vancouver Sun reports. “I’m not able to comment and make a determination on whether those allegations are true or not,” said McEvoy, who added that Sims is in charge of investigating herself, according to British Columbia's law. “And that... Read More

Perspective: Thoughts on the GDPR after year one

(May 24, 2019) As we approach the one-year anniversary of the EU General Data Protection Regulation's implementation date, many in the privacy world have taken the time to reflect on what has come to pass and what to expect in the near future. "From very prescriptive rules to the all-so-woolly 'risk-based approach,' the GDPR is a legal masterpiece riddled with technical challenges," writes Hogan Lovells Partner Eduardo Ustaran, CIPP/E. "Many of the concepts, principles and rules require careful interpretation ... Read More