With the anticipated publication of the Europe General Data Protection Regulation (the “GDPR”) in 2016, international companies must begin to assess how the GDPR will affect their global data protection and privacy compliance programs. The GDPR will likely affect companies based in and outside the EU, so it is important for all multi-national companies to… Continue reading Get Ready For The European General Data Protection Regulation
The Federal Trade Commission (FTC) published a new guide: Start with Security: A Guide for Business. The FTC derived these ten lessons from the 50+ data security settlements reached with companies in recent years. Given how the Wydham case confirmed that the FTC has enforcement authority in this area, companies should assess, and document, their data… Continue reading FTC Offers 10 Practical Guidelines On Data Security
The monitoring of employees is a poignant example of an activity that requires a balance between the interests of different parties. On the one hand, organizations have a legitimate interest in safeguarding their information. Organizations can invest a significant amount of time and resources securing valuable data from external threats, only to have these efforts… Continue reading Employee Monitoring: It’s All About Balance
We’ve given our take on some of the common misconceptions about cloud computing that are expressed by the public (see Myth 1 and Myth 2). Join us now as we focus on the security of cloud computing. Myth 3: Cloud Computing is Bad for Data Security. The fact is that employee malice and negligence (e.g., lost laptop, smart phone,… Continue reading Cloud Myths Series – Myth #3 – Is Cloud Bad For Data Security?
Once the General Data Protection Regulation (GDPR) comes into effect, it will replace the EU Data Protection Directive as well as all national data protection legislation existing under the Directive (subject to certain matters not regulated by the GDPR). Consequently, the national data protection laws of all EEA countries (i.e., the 28 EU member states… Continue reading GDPR: From Directive To Regulation
Malaysia has introduced a new mechanism for sanctioning data protection breaches. Under section 132 of the Personal Data Protection Act 2010 supplemented by the Personal Data Protection (Compounding of Offences) Regulations 2016 (“the Regulations”), enacted on 16 March 2016, certain data protection offences may be “compounded” instead of being formally prosecuted. In other words, offenders… Continue reading Malaysia Introduces Alternative To Prosecution Of Data Protection Breaches