CIPL releases white paper on 10 principles for US privacy framework

(Mar 22, 2019) The Centre for Information Policy Leadership released a white paper titled the “Ten Principles for a Revised U.S. Privacy Framework,” according to a post from Hunton Andrews Kurth's Privacy & Information Security Law Blog. The CIPL offers the principles it believes should be implemented into a federal privacy framework to protect consumers and ensure the responsible use of information. The group’s principles for a U.S. framework focus on accountability, innovative and contextual transparency... Read More

Infographic: Data protection and transfers if 'no-deal' Brexit

(Mar 22, 2019) With the U.K. expected to leave the EU imminently, organizations must plan now for data governance within the U.K. and for data transfers into and out of other jurisdictions. To help, the IAPP has created an infographic to assist privacy pros unsure of their obligations to learn more about where to focus efforts and resources in the case of a “no-deal” Brexit. Full Story ... Read More

Alberta launches portal for citizens to check health info

(Mar 22, 2019) Citizens in Alberta can sign up to check their health records and lab results online, CTV News reports. MyHealth Records allows users to see medications available at community pharmacies, results from 59 different lab tests, and data from health devices, with more features to be added in the future. Alberta Health conducted a privacy impact assessment on MyHealth Records and sent the results to the province’s Office of the Information and Privacy Commissioner.Full Story... Read More

Brexit: Data Protection and Transfers, if “No Deal”

(Mar 21, 2019) With the U.K. expected to leave the EU imminently, organizations must plan now for data governance within the U.K., and for data transfers into and out of other jurisdictions. Take a look at this IAPP infographic to learn more about where to focus your efforts in the case of a “no deal” Brexit.Click to view as PDF ... Read More

US Supreme Court refers Google settlement case back to 9th Circuit

(Mar 21, 2019) The U.S. Supreme Court referred the Frank v. Gaos case back to the 9th Circuit Court of Appeals, Reuters reports. The appeals court approved an $8.5 million cy pres settlement in the case, where plaintiffs claim Google violated the Electronic Communications Privacy Act. The justices ordered the appeals court to take another look at the case to determine whether the plaintiffs had the proper legal standing to sue and whether they suffered any harm when Google shared their search requests with oth... Read More

Senate commerce committee to host small business privacy hearing March 26

(Mar 21, 2019) The U.S. Senate Committee on Commerce, Science & Transportation will host a hearing titled “Small Business Perspectives on a Federal Data Privacy Framework” March 26. The hearing will focus on privacy concerns small businesses face and the challenges they experience as they tackle laws created for larger organizations. Witnesses for the hearing include National Association of Realtors Technology Policy Committee Vice Chair Nina Dosanjh, Silver Star Communications Chief Financial Officer Jeff... Read More

Fennessy offers update on NIST's Privacy Framework

(Mar 20, 2019) On Feb. 27, the National Institute of Standards and Technology released an outline of its forthcoming Privacy Framework, providing the first real glimpse of what the framework might include and calling attention to the need for privacy workforce development. NIST Senior Privacy Policy Advisor Naomi Lefkovitz and NIST Senior IT Policy Advisor Adam Sedgewick presented that outline during a public webinar March 14. Nearly 400 stakeholders participated. In this post for Privacy Tech, IAPP Senior Pri... Read More

Survey: 86 percent of companies are not prepared for CCPA

(Mar 20, 2019) A survey conducted by TrustArc found 86 percent of companies are not prepared for the California Consumer Privacy Act, Fortune reports. TrustArc polled 250 privacy professionals at companies with 500 or more employees. “Our goal was to say, ‘How are people doing in their progress toward the [compliance] goal?'” TrustArc CEO Chris Babel said. “We found the vast majority of people have a very long way to go.” Of the respondents, 72 percent said they plan to invest in technology tools for the CCPA,... Read More

Companies see shift in third-party risk assessments

(Mar 20, 2019) An article for CyberScoop examines the way in which companies have traditionally employed questionnaires to benchmark their cyber readiness and reports on the growing shift toward a “shared assessment” questionnaire methodology. BitSight Vice President Jacob Olcott said, “One of the most critical business dynamics that’s taken place over the past five years is businesses holding each other accountable for cybersecurity,” but explained how traditionally, the questionnaires used to establish that ... Read More

NIST Privacy Framework recognizes critical need for workforce development

(Mar 20, 2019) On Feb. 27, the National Institute of Standards and Technology released an outline of its forthcoming Privacy Framework, providing the first real glimpse of what the framework might include and calling attention to the need for privacy workforce development. NIST Senior Privacy Policy Advisor Naomi Lefkovitz and NIST Senior IT Policy Advisor Adam Sedgewick presented that outline during a public webinar March 14. Nearly 400 stakeholders participated. In the webinar, Lefkovitz and Sedgewick focus... Read More