The GDPR has influenced the future of corporate compliance at a global level. As we see the CCPA, the USCDPA, and bills in other jurisdictions like India and Brazil being passed, it is evident that all companies soon will be required to comply with some consumer data privacy measure.
Since June 1, eight U.S. states have either amended or enacted tougher new data breach notification laws requiring notification anywhere between 30 to 60 days. While still a far cry from the 72 hours required under the European GDPR, tougher notification laws will no doubt be adopted around the world.
Recent PwC survey results indicate that half of respondents were not confident that their organizations would meet the 2020 deadline for CCPA compliance. What are the lessons learnt from the GDPR compliance exercise that can help companies approach CCPA and other upcoming requlations?
While the practical interpretation and implementation of the GDPR has been heavily discussed, it is sometimes overlooked that the GDPR itself offers solutions to handle the legal uncertainty: Codes of Conduct and Certifications.
Will your website will be in some way impacted by expanded privacy legislation like the GDPR? Do you need to change how you do business online? Much of what’s required is simply good data hygiene.
Multinationals face difficult and unique data privacy and security compliance challenges to successfully meet the ongoing waves of government regulations. To meet these challenges, multinationals must have enhanced visibility across their global key assets and comprehensive controls.
What Does India’s Proposed New Data Protection Law Mean for the Country – and the Rest of the World?
India's data protection law is already being criticized, with some claiming it does too little by not giving the data protection authority sufficient power to bring violators to justice; and others fearing it goes too far with the potential for mass surveillance