Categories
Life with GDPR

Life With GDPR: Episode 29- GDPR Year 1 Review-Part II, the Issues

In this podcast, data privacy/data security expert Jonathan Armstrong and Compliance Evangelist Tom Fox use the framework of GDPR to discuss a wide range of issues relating to these topics. They consider what the US compliance and InfoSec security expert needs to know about what is happening in the UK, Europe and beyond. This episode is the first of a two-part series where Jonathan Armstrong and I consider some of the highlights from the first year of GDPR implementation and enforcement. In Part I, we considered some of the enforcement numbers. In this Part II, we discuss some of the substantive issues. Some of the highlights in this episode include:
  1. Security issues: multiple regulators for large breaches and questions of whether TOMs (technical and organisational measures) are adequate.
  2. 6 Principles of GDPR: highest is around transparency.
  3. Data Subject Rights are seen as the biggest corporate pain points.
  4. DPIAs have been embraced by many companies and are seen by regulators as the backbone of a corporate compliance program around data security/data privacy.
  5. Industry sweeps are beginning to occur.
  6. Mixed quality of legal advice is hurting many companies in their compliance efforts.
  7. Some significant cases are headed to trial and then appeal.
  8. GDPR is here to stay.
For more information on Cordery Compliance, go to their website here.
For additional reading see the Cordery Compliance article, “GDPR One Year On”.
Also check out the GDPR Navigator, one of the top resources for GDPR Compliance by clicking here.

Life With GDPR: Episode 28- GDPR Year 1 Review-Part I, the Numbers

In this podcast, data privacy/data security expert Jonathan Armstrong and Compliance Evangelist Tom Fox use the framework of GDPR to discuss a wide range of issues relating to these topics. They consider what the US compliance and InfoSec security expert needs to know about what is happening in the UK, Europe and beyond. This episode is the first of a two-part series where Jonathan Armstrong and I consider some of the highlights from the first year of GDPR implementation and enforcement. In Part I of this two-part series, we consider some of the enforcement numbers. In Part II, we will consider some of the substantive issues. Some of the highlights in this episode include:
  1. EDPB says just over 150,000 complaints filed in the EU under GDPR.
  2. Robust enforcement by both regulators and private bodies/citizens.
  3. UK leads with the largest number of complaints filed, followed by Germany then France.
  4. Around 950 complaints have reached the courts.
  5. Italy is the country which has seen the largest number of court cases.
  6. Several countries are increasing inspections which could lead to enforcement actions.
For more information on Cordery Compliance, go to their website here. Also check out the GDPR Navigator, one of the top resources for GDPR Compliance by clicking here.

Life With GDPR: Episode 26- The Importance of Passwords

In this episode, I visit with Jonathan Armstrong on a topic which does not seem to garner the attention that it deserves in data protection: passwords. Some of the issues and highlights are:

  1. What is two-factor authentication?
  2. How, when and where should you use it?
  3. What are the most common passwords still in use?
  4. Why are passwords one of the most basic forms of data security protection?
  5. What are the lessons to be learned?

For more information on Cordery Compliance, go to their website here. Also check out the GDPR Navigator, one of the top resources for GDPR Compliance by clicking here.


Life With GDPR: Episode 23- Looking into the 2019 Crystal Ball

In this episode, I visit with Jonathan Armstrong to consider some of his predictions for the rest of 2019. Even if these predictions do not become fully formed, you should consider them in light of your data privacy/data protection policies and protocols. Some of the issues and highlights are:

  1. Drones: what are the GDPR implications?
  2. The number of data breach notifications under GDPR. Through the end of January there were over 42,000 in the EU alone.
  3. Will AI and self-driving cars follow the rules on safe driving standards, or will there be new rules for the road?
  4. What will be the effects of data, big data and AI in elections going forward? What will be the fallout from Cambridge Analytica going forward?
  5. How will businesses respond to the industrialization of internet crime? What happens when there is a Zero-Day exploit?
  6. Cybersecurity insurance. Will standard insurance rules and regulations apply, or will new policy language be drafted for such coverage?

For more information on Cordery Compliance, go to their website here. Also check out the GDPR Navigator, one of the top resources for GDPR Compliance by clicking here.

Categories
Daily Compliance News

Daily Compliance News: March 1, 2019-Lion or Lamb? edition

MARCH 1, 2019 BY TOM FOX

In today’s edition of Daily Compliance News: