May Wants Total Alignment With EU Data Rules After Brexit

U.K. Prime Minister Theresa May proposed keeping Britain in total alignment with the European Union’s data-sharing rules after Brexit, something that would allow both intelligence agencies and business to continue to share information across borders.

The U.K. regards the EU’s data rules, which are crucial to both companies and security agencies, as one of its successes within the bloc — the British Information Commissioner’s Office played a large role in their development. Staying aligned would allow the sharing of information between offices in different countries confident that it was subject to proper protection rules.

Source: May Wants Total Alignment With EU Data Rules After Brexit – Bloomberg

Isle of Man introduces new Data Protection Bill

In the Programme for Government, the Council of Ministers committed to ensuring that the Island’s legislative position is equivalent to the EU General Data Protection Regulation (GDPR) by May 2018.

The Isle of Man Government’s proposed approach is the introduction of a short Data Protection Bill giving specific powers to apply EU data protection instruments as part of Manx law (with any necessary modifications) by Order approved by Tynwald and then implemented with Manx Regulations.

Source: Introduction of a new Data Protection Bill (GDPR) – Isle of Man Government – Citizen Space

Guidelines on Processing of Personal Data in Third Countries Under GDPR

Germany’s Federal Association for Information Technology, Telecommunications and New Media published its guidance on data transfers to third countries under the General Data Protection Regulation (GDPR). The guidelines aim to give practical assistance for day-to-day use when transferring data. In addition to a brief description of the legal framework for data transmissions, they explain data processing in third countries with and without an adequate level of data protection. The different constellations are illustrated with a short case study. The guide also addresses data transmissions within a group. Finally, it provides supplementary materials, links and references.


ENISA publishes reports on PPPs and ISACs

A common objective of every European national cyber security strategy is collaboration to enhance cyber security across all levels, from threat information sharing to awareness raising. Collaboration is often achieved through two formal structures: Information Sharing and Analysis Centres (ISACs) and Public Private Partnerships (PPPs).

ENISA collected information on best practices and common approaches that resulted in two studies, namely Cooperative Models for Public Private Partnership and Information Sharing and Analysis Centres.

Source: Cybersecurity built on trust – ENISA supports Member States in establishing PPPs and ISACs — ENISA

Australia’s DPA releases data breach response

The Office of the Australian Information Commissioner (OAIC) has prepared this guide to assist Australian Government agencies and private sector organisations (entities) prepare for and respond to data breaches in line with their obligations under the Privacy Act 1988 (Cth) (Privacy Act).

The guide is in five parts:

  1. Data breaches and the Australian Privacy Act
  2. Preparing a data breach response plan
  3. Responding to data breaches — Four key steps
  4. Notifiable Data Breaches
  5. Other sources of information


Source: Data breach preparation and response — A guide to managing data breaches in accordance with the Privacy Act 1988 (Cth) | Office of the Australian Information Commissioner – OAIC

Ireland: New and Improved Data Protection Commission

The eagerly awaited Data Protection Bill 2018 (Bill) was published on 1 February 2018. The Bill implements those instances where Member States are permitted some flexibility under the General Data Protection Regulation (GDPR) and contains many important provisions on the robust enforcement powers of the reformed Data Protection Commission. We examine the key enforcement provisions in the Bill.

Source: Enforcement Powers of the New and Improved Data Protection Commission – Mason Hayes Curran

Recent OCR Newsletter Highlights Growing Cyber Extortion Threat for Healthcare Organizations

The OCR’s January 2018 newsletter details specific types of cyber extortion that healthcare organizations are currently encountering, including ransomware, denial of service attacks, distributed denial of service attacks and theft of protected health information (PHI).

Source: Recent OCR Newsletter Highlights Growing Cyber Extortion Threat for Healthcare Organizations

The Tories claim the data protection bill will make us safer. That’s not true.

The government’s growing store of personal details allows automatic adjudication on crucial aspects of our lives, writes Diane Abbott, the shadow home secretary.

Source: The Tories claim the data protection bill will make us safer. That’s not true | Diane Abbott | Opinion | The Guardian

GDPR: Five questions marketers must answer before May

As every marketer should be well aware, the new EU General Data Protection Regulation will be in force from 25 May – just over three months from now.

Marketers have had plenty of warnings about the penalties for breaching GDPR, and plenty of optimistic reassurances about the opportunity for improving customer relationships. But what are the most important things they actually have to do to ensure their use of personally identifiable information is within the law?

Source: GDPR: Five questions marketers must answer before May

Europe’s New Data Privacy Rules Nourish U.S. Privacy Tech Sector

That situation is changing radically, with the looming May 25 deadline for enforcement of the European Union’s General Data Protection Regulation (GDPR)—a sort of Magna Carta for the right of individuals to control the use of their own data. The sweeping new EU privacy protections apply to any company anywhere that holds data on any EU citizen—not just businesses located within the 28 EU member nations. And the maximum fine for violations—as much as 4 percent of a company’s global annual revenue—tends to concentrate the mind wonderfully on compliance.

Source: Xconomy: Europe’s New Data Privacy Rules Nourish U.S. Privacy Tech Sector
