
Tag Archives for "compliance"

One month sprint to GDPR compliance: 5 things to do now if your business isn’t prepared

The General Data Protection Regulation (GDPR) affects every company or organisation, anywhere in the world, that touches an EU citizen’s data, yet with one calendar month to go until the fast-approaching 25 May compliance deadline, many have found themselves largely unprepared for the new regulatory framework.

While a number of organisations have spent the better part of the past 16 months preparing for compliance, others haven’t taken full advantage of the grace period and are now facing urgent questions about how to bring themselves up to scratch.

Source: One month sprint to GDPR compliance: 5 things to do now if your business isn’t prepared | The Drum

WhatsApp raises minimum age to 16 for Europeans ahead of GDPR

Facebook-owned messaging service will demand users confirm they are old enough to use app after raising age limit from 13.

WhatsApp is raising the minimum user age from 13 to 16, potentially locking out large numbers of teenagers as the messaging app looks to comply with the EU’s new data protection rules.

Source: WhatsApp raises minimum age to 16 for Europeans ahead of GDPR

Data protection is a business issue

Data privacy is a rapidly maturing profession as organisations around the world increasingly see data protection as a business issue, according to an industry association.

“There is a bit of a frenzy and a buzz with the EU’s General Data Protection Regulation compliance deadline fast approaching, and the Facebook-Cambridge Analytica scandal feeding into it,” Tene told Computer Weekly at the IAPP Data Protection Intensive conference in London.

Source: Data protection is a business issue, says IAPP

Global companies lacking GDPR oversight of sub-contractors

The majority of global companies admit that they do not have appropriate oversight of third parties and sub-contractors despite the imminent implementation of new data protection regulations.

A new survey by consulting firm Deloitte revealed that 57% of global organisations admitted they did not have appropriate visibility of subcontractors engaged by their third parties, a further 21% are unsure of oversight practices, and just 2% routinely review the risk subcontractors pose to their organisation.

Source: Global companies lacking GDPR oversight of sub-contractors

GDPR: Opportunities and challenges

The main challenge of GDPR for corporations will be assessing their current information collection and storage systems against the new regulations and ensuring compliance before the deadline. Accountability is critical, and concepts such as pseudonymisation will become commonplace under the new regulations.

In addition, the cross-border transfer of EU residents’ data outside the region will become much harder. The EU Commission will assess third countries’ level of protection by carrying out “adequacy” assessments binding to all member states. They will then carry out reviews every four years to ensure continued compliance.

Source: Countdown to GDPR: Part 2 — Opportunities and challenges

DPAs to pros: There’s no grace period, folks

While privacy professionals and companies have been working to get their processes in order, so too have the regulators who are tasked with watching over those processes.

What that’s meant for the Irish, French and U.K. data protection authorities has been an increase in staff and budget across the board.

Source: DPAs to pros: There’s no grace period, folks

A flaw-by-flaw guide to Facebook’s new GDPR privacy changes

Facebook is about to start pushing European users to speed through giving consent for its new GDPR privacy law compliance changes. There are a ton of small changes, so we’ll lay out each with our criticisms.

Facebook’s consent flow starts well enough with the screen above offering a solid overview of why it’s making changes for GDPR and what you’ll be reviewing. But with just an “X” up top to back out, it’s already training users to speed through by hitting that big blue button at the bottom.

Source: A flaw-by-flaw guide to Facebook’s new GDPR privacy changes | TechCrunch

How One Location-Based Data Firm Is Preparing for GDPR

Mobile location firms that collect latitude and longitude stats have been particularly scrutinized because the data is considered personal under GDPR, requiring that consumers consent to providing companies with their information—which could potentially creep consumers out if they know their location is being mined for advertising.

Los Angeles location firm Factual is aiming to mitigate GDPR’s risks by scraping all of its data collected on European citizens. It will then get to work rebuilding its database by asking for consumers’ “explicit consent.” The company’s contracts now also require that partners have obtained data explicitly.

Source: How One Location-Based Data Firm Is Preparing for GDPR – Adweek

Facebook enlists conservative help to resist privacy rules

An email seeking U.S. groups’ assistance against EU-style regulations came as Mark Zuckerberg was preparing to testify to Congress.

Facebook asked conservative groups for help last week in heading off The company’s outreach comes as the European Union is preparing to enforce strict new privacy rules that take effect in late May. Among other things, the EU’s rules allow regulators to impose fines as high as 4 percent of a company’s global revenues for serious violations.

Source: Facebook enlists conservative help to resist privacy rules – POLITICO

Essential structures for GDPR compliance

The European Union’s new General Data Protection Regulation will go into force May 25, after six years of preparation. The main challenge for corporations will be assessing their current information collection and storage systems against the new regulations and ensuring compliance before the deadline.

Nine data protection experts from Germany, Belgium, The Netherlands, Italy, U.K., U.S., Luxembourg, Sweden and France discuss how they are helping their clients reach GDPR compliance and emphasize some of the structures businesses should put in place to avoid a crippling fine.

Source: Countdown to GDPR: Part 1 — Essential structures for GDPR compliance
