dcsimg

Data privacy law updates eyed by Singapore

In early 2019, Singapore’s data privacy regulators proposed that the country’s data privacy law could use two new updates—a data breach notification requirement and a right of data portability for the country’s residents. The proposed additions are commonplace in several data privacy laws around the world, including, most notably, the European Union General Data Protection Regulation, or GDPR, … [Read more...]

GDPR: An impact around the world

A little more than one month after the European Union enacted the General Data Protection Regulation (GDPR) to extend new data privacy rights to its people, the governor of California signed a separate, sweeping data protection law that borrowed several ideas from GDPR, sparking a torch in a legislative data privacy trend that has now spanned at least 10 countries. In Chile, lawmakers are … [Read more...]

Washington Privacy Act welcomed by corporate and nonprofit actors

The steady parade of US data privacy legislation continued last month in Washington with the introduction of an improved bill that would grant state residents the rights to access, control, delete, and port their data, as well as opting out of data sales. The bill, called the Washington Privacy Act, also improves upon its earlier 2019 version, providing stronger safeguards on the use of facial … [Read more...]

Online privacy in 2019: a legislative review

For decades, the United States treated data privacy like an aging home, patching individual leaks and drafts only when a new storm hit. The country passed a law protecting healthcare-related information, and not much else. It then passed a law protecting video rental information, and not much else. It continued this way, repeatedly passing sector-specific laws while failing to address a problem … [Read more...]

ACCESS Act might improve data privacy through interoperability

Data privacy is back in Congressional lawmakers’ sights, as a new, legislative proposal focuses not on data collection, storage, and selling, but on the idea that Americans should be able to more easily pack up their user data and take it to a competing service—perhaps one that better respects their data privacy. The new bill would also require certain tech companies, including Facebook, … [Read more...]

7 ways your organisation can suffer a data breach

Organisations of all sizes are waking up to the threat of data breaches. But don’t be fooled into focusing on the prospect of a hacker breaking into your systems. There are many other ways that your organisation can be compromised.  Let’s take a look at seven of the biggest cyber security threats you should be concerned about.   1. Employee error Data breaches aren’t always malicious attacks. … [Read more...]

CEOs offer their own view of a US data privacy law

Last week, the chief executives of more than 50 mid- and large-sized companies urged Congress to pass a national data privacy law to regulate how companies collect, use, and share Americans’ data. Buried deep within the chief executives’ recommendations for such a law, presented as a policy framework for guidance, was a convenient proposal: Private individuals should not be allowed to sue … [Read more...]

How to get your Equifax money and stay safe doing it

Following the enormous data breach of Equifax in 2017—in which roughly 147 million Americans’ suffered the loss of their Social Security numbers, addresses, credit card and driver’s license information, birthdates, and more—the company has agreed to a settlement with the US Federal Trade Commission, in which it will pay at least $650 million. Much of that settlement—up to $425 million—is … [Read more...]

The GDPR: Why you need to review your third-party service providers’ security

Organisations share personal data with third parties all the time, but can they be trusted?  The GDPR (General Data Protection Regulation) extended the scope of responsibility when it comes to data protection and privacy, so where does that leave you when it comes to security incidents caused by service providers?    How third-party relationships work under the GDPR Before we begin, let’s be … [Read more...]

Data breach costs Netherlands hospital €460,000

Haga Hospital, based in the Netherlands, was this week fined €460,000 by the Dutch data protection authority (AP) for breaching the GDPR (General Data Protection Regulation).   Haga was investigated by the AP after 85 hospital employees had access to the medical records of Samantha de Jong, AKA Barbie, a well–known Dutch reality TV star.   In addition to the fine, Haga must improve the … [Read more...]