How to manage data breaches in the cloud

(Feb 14, 2020) The day-to-day business penetration of cloud services has reached an all-time high and is expected to grow further in 2020. Under the EU General Data Protection Regulation’s accountability principle, data controllers that use cloud service resources must prepare themselves in advance to effectively manage “cross-entity” data-processing activities, the related risks and potential data breaches. In this piece for The Privacy Advisor, Provaris Varga & Partners’ Ádám Liber, CIPP/E, CIPM, FIP, an... Read More

Organizations fear privacy compliance unsustainable

(Feb 14, 2020) CIO Dive reports a study from systems management firm Tanium showed 67% of companies do not believe they can maintain privacy compliance over time. "People realize that they can be compliant one time — you can get ready for that audit and pass that audit. But the day after that audit is done, people go back to their day jobs," said Tanium Chief Information Security Officer for the Americas Chris Hallenbeck, adding compliance is challenging because "data is rarely stationary."Full Story... Read More

Web con: 'Why Privacy Protection Goes Beyond Compliance'

(Feb 14, 2020) The California Consumer Privacy Act presents several organizational challenges, especially for the fulfillment of data subject access requests. However, the regulation’s impact will prove more far reaching. To build sustainable privacy programs that can adapt to regulatory changes, organizations should move beyond a focus on reporting workflows and request portals. Join the IAPP for this sponsored web conference March 5 to learn how to leverage compliance processes to extend privacy protection i... Read More

The IAPP's top-5 most-read stories since Feb. 10, 2020

(Feb 14, 2020) We know, there's lots of privacy news, guidance and documentation to keep up with every day. And we also know, you're busy doing all the things required of the modern privacy professional. Sure, we distill the latest news and relevant content down in the Daily Dashboard and our weekly regional digests, but sometimes that's even too much. To help, we offer our top-five most-read stories for the week of Feb. 10.Full Story... Read More

The top-5 most-read stories for the week of Feb. 10, 2020

(Feb 14, 2020) We know, there's lots of privacy news, guidance and documentation to keep up with every day. And we also know, you're busy doing all the things required of the modern privacy professional. Sure, we distill the latest news and relevant content down in the Daily Dashboard and our weekly regional digests, but sometimes, that's even too much. To help, we offer our top-five most-read stories of the week. Privacy Tracker: "CCPA proposed modified regs 2.0 issued in Calif.," by DLA Piper's Jim Halper... Read More

How the GDPR affects the pharmacovigilance sector

(Feb 13, 2020) With the implementation of the EU General Data Protection Regulation, one can observe a certain sense of proactiveness in the life science and health care industry. One sector, in particular, namely pharmacovigilance, is striving to align itself with the requirements under the GDPR while ensuring the sector-specific requirements also see the light of the day when being integrated into the privacy and information security frameworks of the relevant organizations. Wyrick Robbins Privacy & Data... Read More

Web con: 'Meeting the CCPA Challenge'

(Feb 12, 2020) Organizations must balance meeting customer demands and complying with privacy regulations, including the California Consumer Privacy Act. To meet these goals, organizations can focus on data governance to comply faster and future-proof data privacy programs. Join the IAPP Feb. 26 for this sponsored web conference to learn about the CCPA and how it impacts data governance to ensure collaboration between data governance, legal, security and privacy. Speakers for the web conference include First S... Read More

Perspective: Who registered as a data broker in Calif.?

(Feb 11, 2020) In the flurry of California Consumer Privacy Act–related bills, the California Legislature also enacted a law requiring data brokers to register “following a similar, but not identical, law in Vermont and attention by Congress ... the U.S. Federal Trade Commission and advocates to data brokers in prior years,” Baker McKenzie Partner Lothar Determann writes. In this piece for Privacy Perspectives, Determann looks at the list of data brokers that have registered so far and which companies need to ... Read More

When to appoint an EU representative under GDPR

(Feb 11, 2020) The EU General Data Protection Regulation requires organizations based outside of the European Union but subject to the GDPR to appoint an EU representative. What does this mean in practice? In this piece for The Privacy Advisor, IAPP Research Director Caitlin Fennessy, CIPP/US, sat down with Lucia Canga, CIPP/E, GDPR EU representative for non-EU companies at the European Data Protection Office in Brussels, for insights that might help other privacy professionals seeking to operationalize Articl... Read More

Op-ed: Ever-changing privacy landscape requires best practice

(Feb 11, 2020) In an op-ed for The Hill, Casentino Strategies Founder and Principal Paula Bruening writes organizations should understand their data protection is "not a steady state" in an evolving regulatory landscape across the globe. To address the constant change, Bruening said it will take "constantly monitored and reassessed" measures to keep up with competing regulations. Bruening suggests organizations "are wise to ground their data strategy in C-suite commitment to data protection and responsible dat... Read More