Updates to Quebec’s Act to Modernize Legislative Provisions Respecting the Protection of Personal Information, more commonly known as “Law 25,” now requires businesses to respect consumer preferences and increase transparency surrounding the collection and use of their personal data.
Data Protection
Certain types of personal data are very valuable to criminals, and can be very damaging to an individual or business if it falls into the wrong hands. As the world becomes more digital and more connected, more of this sort of data is generated and passed between various sources on a regular basis.
Government regulations and supervisory authorities aren’t just about keeping irresponsible parties in line. They also provide vital security guidance to every type of organization that handles sensitive personal, business or government information.
Data protection regulations also ensure that the end user has a transparent view of and a say in the processing of personal data. These safeguards play a significant role in everything from the preservation of civil rights to ensuring that democratic institutions function properly.
Some types of personal data are clear candidates for regulation: medical records, banking information, national ID numbers and so on. But some of these regulations also cover items that might seem relatively innocuous at first glance: home addresses, email addresses, website profile information and so on. For example, the European Union General Data Protection Regulation (GDPR) has stipulations about anything that is unique to an individual to include phone numbers and social media accounts. People have varying levels of privacy preference with these items, but they are often protected by regulation because they can be used for targeted scams and attempts at identity theft.
Given that regulations often take the size and customer count of businesses into consideration in terms of penalties and the scope of protection of personal data, compliance is particularly important for enterprise-scale organizations. You do not necessarily have to have an active business presence in a country or region; simply storing data on or moving it through servers there may subject you to their data protection rules.
Processing personal health data under GDPR is a challenge for many European organizations during COVID-19 outbreak, what are the data protection and privacy approaches that they can take?
Texas is the tenth state to enact comprehensive data privacy protections for its residents. The Texas Data Privacy and Security Act will take effect July 1, 2024, giving Texas businesses a year to prepare for compliance with the new law.
U.S. is addressing GDPR compliance and data privacy through technologies whereas Europe is taking the litigation route, will Europe wake up at some point and realize they’re behind the technology curve?
The UK Data Protection and Digital Information (No. 2) Bill if passed would govern the processing of personal data in the UK and in doing so replace the current data protection regime in the UK. It would also introduce other concepts and frameworks which are based on the processing of personal data.
Privacy management software can help you increase your efficiency and accuracy by automating complex or high volumes of privacy management activities, including privacy impact assessments (PIAs)/data protection impact assessments (DPIAs), data mapping/data inventory, and enterprise assessments. How do you choose?
Nymity's 2018 Privacy Compliance Software Buyer's Guide helps a Privacy Office to navigate the different types of privacy compliance software and to best decide where to invest in order to mitigate risk, build accountability, and achieve ongoing compliance. Get the ultimate guide to buying privacy software.
Mobile applications collect a lot of personal data. What are the GDPR considerations for mobile app businesses when laying out the concept and execution of their application?
As we move into 2022, developments in ransomware, growing data sprawl, hybrid working, the nascent but growing use of artificial intelligence (AI) and machine learning (ML) technologies will continue to make a significant impact on data protection and management.
Company’s IT department plays a critical role in data protection, however HR is equally important to handle human side of business through GDPR compliance, exit strategies and privacy policies.










