Five Lessons From Recent Cyberattacks To Protect Your Organization In 2016 – Part II

hacker and laptop

In Part I , we discussed the first two lessons learnt from the recent cyberattacks. We will share the final three lessons learnt from recent cyberattacks in Part II.  Lesson 3: Avoid Collecting Children’s Data As Much As Possible In response to recent incidents involving children’s data, the Hong Kong Privacy Commissioner issued a Guidance Note in … Read more

German Data Protection Authorities Issue Position Paper In Light Of Safe Harbor Decision – Part I


On October 26, 2015, the Data Protection Conference of the German State Data Protection Authorities and the German Federal Commissioner for Data Protection (“Conference”) issued a position paper following the recent decision of the Court of Justice of the European Union (“ECJ”) invalidating the Safe Harbor decision of the EU Commission. Data Transfers Solely Based … Read more

Cloud Myths Series – Myth #1 – A Unique Challenge?

cloud functions

Welcome to our new series dispelling some of the most common myths around data privacy and security in cloud computing solutions. This series will equip you with: a solid understanding of the pros and cons of cloud computing for privacy compliance;an increased ability to discuss challenges with customers and providers; andpractical guidance for contracts between vendors … Read more

Accountability – A Global Standard For Privacy Compliance

letters on keyboard

The Accountability Principle in International Data Protection Instruments  Privacy Accountability: National Regulators’ Accountability Guidance (Part 1)  Privacy Accountability: National Regulators’ Accountability Guidance (Part 2)  Colombian Data Protection Authority issues Accountability Guidance The notion of accountability is not new to data protection law and policy.  What is new, though, is that it is becoming more and more relevant in … Read more

CCPA Update – What Has Changed And What Remains The Same?

monitor on the table

The California legislative session ended with a bang on September 13, when legislators passed several noteworthy amendments to the California Consumer Privacy Act (CCPA). The California governor has until October 13 to act on these amendments. We have outlined below the amendments that materially alter the original scope or requirements of the CCPA and that … Read more

Equifax Part II – Key Learnings

equifax hackers

In the first part of this article here we looked at the background facts and circumstances of breach in the Equifax decision by the UK’s DPA, the ICO. This second part sets out some key learnings from the case. Review Intra-group Data Processing Arrangements The ICO focused on a number of flaws in the arrangements between … Read more

Key Messages From Ashley Madison Investigation

dating apps

After jointly investigating a data breach in July and August 2015 that occurred to a Canadian dating website operator’s system, the Australian Privacy Commissioner and the Privacy Commissioner of Canada released a joint report regarding their findings. The affected websites included the Ashley Madison dating website which had users in over 50 countries. Among other … Read more

The Importance Of Security In The Cloud: Security And Audit


Part of the b:INFORM 2015/2016 Cloud Survey Trend Series 1. Importance of Security Consistent with last year, our survey identified security and privacy at the forefront of buyers’ and providers’ minds in relation to cloud services.  Security (88%) and Privacy (73.3%) topped the list of buyers’ primary hesitations in deciding whether to buy cloud services.  More … Read more

OCR Begins Phase 2 Of Its HIPAA Audit Program

medical logo

Recently, the Department of Health and Human Services – Office for Civil Rights (“OCR”) announced the launch of Phase 2 of its audit program for the Health Insurance Portability and Accountability Act (“HIPAA”). After years in development, the program represents a new tool for OCR to use in evaluating businesses’ compliance with HIPAA’s Privacy, Security, … Read more