Tag: GDPR

Conducting a data protection impact assessment (DPIA) or privacy impact assessment (PIA) is a complex and challenging task. Nevertheless, it’s critical to do. Data privacy concerns have become a significant focus across all industries, and for good reason: data is at higher risk than ever before....

The General Data Protection Regulation (GDPR) is a set of provisions and requirements governing data protection and privacy for individuals across the European Union. It applies to any business or public body — inside or outside the EU — that handles the personal data of EU residents. Such data...

A wide range of privacy regulations govern how organizations collect, store and use personally identifiable information (PII). In general, companies need to ensure data confidentiality, avoid data breaches and leaks, and make sure data is not destroyed or altered in unauthorized ways. The...

In May of 2018, the European Union enacted one of the world’s strictest set of rules for personal data protection. The formal name of this legislation is the General Data Protection Regulation, but it is more commonly known as the GDPR. The GDPR regulates personal data, which is defined as any...

Is your organization compliant with the GDPR? Does it need to be? Too many small businesses in the United States don’t know the answer to those questions. It’s understandable, especially considering that the GDPR is a European law. Plenty of US businesses assume that they don’t need to...

The regulatory climate around the world is changing rapidly. Scores of new regulations, including the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA) and similar laws in other U.S. states, are being enacted in response to growing concerns about privacy and...

The General Data Protection Regulation (GDPR) is designed to respond to a growing concern about inappropriate use of personal data and add responsibilities for companies for their response to data breaches. In this article, we explore GDPR data subject rights, including what a data subject...

The EU General Data Protection Regulation (GDPR) grants individuals the right to find out what personal data an organization (called a data controller) holds about them by submitting a data subject access request (DSAR). This right is detailed in Article 15, “Right of access by the data...

One of the fundamental data privacy rights protected under the General Data Protection Regulation (GDPR) is the right to be forgotten. This GDPR provision can be quite a burden for organizations because each request to delete a data subject’s personal data needs to be evaluated individually and...

Personal information (PI) is the future of business because it helps provide customers with a customized experience that leads them to buy more. However, companies can no longer collect personal data without restraint, given the growing wave of consumer rights advocacy and privacy regulations such...