Free tools and resources for Data Protection Officers!

Tag Archives for " GDPR "

GDPR-ready organizations see lowest risk of data breach

Organizations worldwide that invested in maturing their data privacy practices are now realizing tangible business benefits from these investments, according to Cisco’s 2019 Data Privacy Benchmark Study.

The Study validates the link between good privacy practice and business benefits as respondents report shorter sales delays as well as fewer and less costly data breaches.

Source: Cisco 2019 Data Privacy Benchmark Study | The Network

How to comply with both the GDPR and the Cloud Act

On March 23, 2018, U.S. Congress enacted the Clarifying Lawful Overseas Use of Data Act, which had the immediate effect of mooting the ongoing U.S. v. Microsoft litigation.

A central issue of the case was whether a web based or cloud based telecommunications or data service provider, subject to U.S. jurisdiction, could avoid being required to provide stored electronic communications for which a search and seizure warrant had been served, when such stored electronic communications were stored on servers outside of the U.S.

The U.S. CLOUD Act amended the Stored Communications Act (SCA) of 1986, which was enacted to create Fourth Amendment-like privacy protection for email and other digital communication stored or held by internet service providers.

Full article: How to comply with both the GDPR and the Cloud Act

Despite media impact worries Bulgaria begins to implement GDPR amendments

The EU’s General Data Protection Regulation took another step towards being integrated into Bulgarian law last week, when MPs in Sofia gave the green light to the second and final reading of changes to the nation’s data protection legislation.

Full article: Despite media impact worries Bulgaria begins to implement GDPR amendments

Does anonymization or de-identification require consent under the GDPR?

Data de-identification has many benefits in the context of the EU General Data Protection Regulation . One of the recurring questions is whether consent is required to anonymize or de-identify data. In this article, we make the case that no consent is required for anonymization or other forms of de-identification.

Full article: Does anonymization or de-identification require consent under the GDPR?

Learning from Google’s record-setting GDPR fine

With the French Data Protection Authority (CNIL) disclosing on January 21 st a 50 million euro fine against Google LLC, we now have a precedent against which to evaluate the impact and reach of GDPR enforcement.

This is significant as, with this precedent, we can determine some of the factors a Data Protection Authority (DPA) will use in assessing the extent of a given violation.

Full article: Learning from Google’s record-setting GDPR fine

GDPR Compliance Lowers Data Breach Frequency and Impact Says Report

Companies that follow the requirements of the General Data Protection Regulation (GDPR) experience extra benefits such as lower frequency and effect of data breaches, as well as fewer records being impacted in the attacks, shorter downtimes and lower overall costs.

Full article: GDPR Compliance Lowers Data Breach Frequency and Impact Says Report

GDPR makes it easier to get your data, but doesn’t mean you’ll understand it

“Right of Access” says that, when requested, any company should be prepared to provide you with your personal data.

They should provide it in a way that’s easy for you to read, in a timely manner, and with enough background information for you to understand how they got it and how they use it. The problem is that companies can often be really stingy about actually providing this data.

Full article: GDPR makes it easier to get your data, but doesn’t mean you’ll understand it – The Verge

>