News, insights and resources for data protection, privacy and cyber security leaders

Author

Andrew Clearwater

Andrew Clearwater serves as Director of Privacy at OneTrust. Clearwater is a Certified Information Privacy Professional (CIPP/US) and is a licensed privacy attorney in Maine and Massachusetts. In this role, Clearwater provides counsel, leadership, and guidance on all legal issues relating to OneTrust’s corporate environment. He also provides public policy analysis in the areas of privacy, data security, information policy, and technology transactions.

Data Protection

Legitimate Interests: Being Comfortable with Uncertainty

Andrew Clearwater Mar 30, 2018 0

With the EU GDPR right around the corner, you have probably heard that there will be six legal bases for processing personal data. For organizations who are currently preparing for GDPR, there is a strong focus on – as well as some…

Data Protection

Consent Under the GDPR: Requirements and Recommendations for Data Controllers

Andrew Clearwater Jan 26, 2018 0

The concept of consent has had a long history in privacy and data protection. Privacy consent has been evolving, especially under the GDPR. What are the expanded requirements for consent and what actions must organizations begin taking…

Data Protection

Access, Erasure and Portability: Examining Data Subject Rights Under the GDPR

Andrew Clearwater Dec 29, 2017 1

Data subject rights are being expanded under the EU General Data Protection Regulation (GDPR), impacting the business processes of data controllers and processors. With the increased complexities that lie in within each distinct right, a…

Data Protection

Revisiting the DPIA in Light of the Revised Article 29 Working Party Guidelines

Andrew Clearwater Oct 27, 2017 0

Avoid the common pitfall of using pre-existing approach to Data Protection Impact Assessment (DPIA) without knowing the Article 29 Working Party guidelines.

Data Protection

GDPR Derogations and How to Prepare for Member State Variation

Andrew Clearwater Sep 29, 2017 0

While one of the primary goals of the GDPR is to harmonize data protection laws across the EU, there are over 50 provisions, which allow GDPR derogations by Member States.

Data Privacy

Video: PIAs and Data Mapping – Operationalizing GDPR and Privacy by Design

Andrew Clearwater Dec 25, 2016 0

Given the new requirements of the GDPR, companies and organizations doing business globally need to think hard about how to best implement efficient and effective data handling practices that are replicable and consistent. As a privacy…

Data Privacy

Operationalising GDPR and Privacy by Design

Andrew Clearwater Nov 25, 2016 0

We give some insight into how companies could use a privacy impact assessment (PIA) in conjunction with data mapping practices to understand how data flows through an organisation, making it the perfect tool to document and track new…

Author

Andrew Clearwater

Legitimate Interests: Being Comfortable with Uncertainty

Consent Under the GDPR: Requirements and Recommendations for Data Controllers

Access, Erasure and Portability: Examining Data Subject Rights Under the GDPR

Revisiting the DPIA in Light of the Revised Article 29 Working Party Guidelines

GDPR Derogations and How to Prepare for Member State Variation

Video: PIAs and Data Mapping – Operationalizing GDPR and Privacy by Design

Operationalising GDPR and Privacy by Design

Pin It on Pinterest