Follow

Data Privacy Monitor Blog

Articles: 1-10 of 334

Key takeaways for app development and data protection by design from recent enforcement action

European Union, Norway - February 25 2020 The Norwegian Data Protection Authority (DPA) recently announced a €200,000 fine against Oslo’s municipal education agency for several security flaws…

Entering the ’20s - A New Era for Data Breach Class Actions?

USA - February 21 2020 As we move into a new decade, it has become clear that data breach litigation is here to stay. Last year brought us several incremental developments…

California AG Releases Modified CCPA Regulations

USA - February 7 2020 On February 7, 2020 the California Attorney General published a second version of the proposed regulations to implement the California Consumer…

Steps to Develop a Mature Third-Party Risk Management Program With High-Risk Third Parties (Part 3)

USA - February 6 2020 This blog is the third in a series exploring how organizations can prevent or mitigate the severity of a third-party data breach or cyber exploit by…

Federal Court Invalidates 2013 HIPAA Omnibus Rule Regulations and HHS Guidance on Fees for Copies of Medical Records

USA - January 31 2020 In what is being seen as a strong rebuke to years of regulatory overreach, the United States District Court for the District of Columbia entered an…

Departments of Education and HHS Release Joint Guidance on the Relationship Between FERPA and HIPAA

USA - January 31 2020 At the end of 2019, the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) and U.S. Department of Education Student…

Following SCOTUS Cert Denial, Facebook Settles BIPA Case for $550 Million

USA - January 31 2020 One decision, two far-reaching effects. This aptly describes the Supreme Court’s Jan. 21, 2020, decision to deny Facebook’s writ of certiorari in…

Steps to Develop a Mature Third-Party Risk Management Program with High-Risk Third Parties (Part 2)

USA - January 27 2020 This blog is the second in a series exploring how organizations can prevent or mitigate the severity of a third-party data breach or cyber exploit by…

Reexamining the GDPR’s Territorial Scope

European Union - January 24 2020 In November 2019, the European Data Protection Board (EDPB) issued its final guidance on territorial scope of the General Data Protection Regulation…

California AG Press Release Emphasizes CCPA’s Jan. 1 Effective Date and Data Broker Registry, Provides No Update on Draft Regulations

USA - January 14 2020 On Jan. 6, 2020, the California attorney general (AG) released a CCPA advisory press release and reiterated what we already know - that “businesses…