Healthcare Document Retention
The NYDFS Updates Its Stringent Cybersecurity Regulations. Is This a Bellwether of Coming Industry Change? - The Consumer Finance Podcast
Spring Cleaning for Legal Teams: The Cloud and Defensible Deletion of Data
M365 in 5 – Part 7: Teams Audio/Video (A/V) Conferencing
M365 in 5 – Part 6: Teams Channels – The virtual collaboration workspace
M365 in 5 – Part 5: Teams Chats – Modern communications
M365 in 5 – Part 4: Teams – An introduction to collaboration
M365 in 5 – Part 3: OneDrive for Business – Protected personal collaboration
M365 in 5 – Part 2: SharePoint Online – The new file-share environment
M365 in 5 – Part 1: Exchange Online – Not just a mailbox
Sitting with the C-Suite: Information Governance and eDiscovery - Key Compliance Issues for In-House Counsel
Sitting with the C-Suite: Trial Teams – Narrowing Data through Centric Search
Sitting with the C-Suite: Normalizing Business Practices through Litigation Data
Compliance Perspectives: Regulatory Conflicts in Data Privacy Laws
Jones Day Presents: Effect of GDPR, CCPA, and FTC on Blockchains
[WEBINAR] Public Records Act - Taming the Email Tiger
E14: The Three Pillars of GDPR
Three Key Data Retention Questions
The Personal Information Protection Act ("PIPA") comes into full force on 1 January 2025. All organisations in Bermuda are expected to be in compliance with it by that date – time is running out! The Privacy Commissioner...more
Introduction - The General Data Protection Regulation (Regulation (EU) 2016/679) is the EU regulation which is directly applicable in all member states of the EU, including the Czech Republic, as of 25 May 2018. The new...more
Editor’s Note: In this insightful discussion between John Wilson, Chief Information Security Officer and President of Forensics at HaystackID, and Rene Novoa, Director of Forensics at HaystackID, we delve into the intricate...more
As we noted in our 2023 DSIR, there has been a flurry of activity within the information governance space, at home and abroad. This activity deserves further analysis, because while it seems from a distance that there are...more
On 4 May 2023, the European Court of Justice (CJEU) delivered its highly anticipated judgement in Österreichische Post (Case C-300/21) on a crucial issue: the extent to which data subjects affected by a breach of the GDPR...more
The British Virgin Islands ("BVI") Data Protection Act, 2021 ("DPA") came into force on 9 July 2021. It was introduced so the BVI would have a data protection framework which is broadly similar to EU and UK standards. To...more
You need a data retention plan. No really. And not just in the European Union. In California too. Commission Nationale de l’Informatique et des Libertés (CNIL) has fined messaging platform Discord 800,000 EUR for (non...more
Employers should have in place a process to delete former employees’ information – including public facing information and photos – to meet their retention limitation requirements, according to the Belgian Data Protection...more
FTC Is Tracking Twitter Developments With “Deep Concern” - Elon Musk’s recent purchase of Twitter has led to numerous resignations in the security department. Most recently, Twitter’s chief information security officer,...more
Welcome to the latest edition of Updata - the international update from Eversheds Sutherland’s dedicated Privacy and Cybersecurity team. Updata provides you with a compilation of privacy and cybersecurity regulatory and...more
United Kingdom, French and Belgian national security laws (and such laws of other EU Member States) fell under the scrutiny of the Court of Justice of the European Union (CJEU), which on October 6, 2020, ruled on whether such...more
What Happened? On October 1, 2020, the Hamburg Data Protection Commissioner (“Hamburg DPA”) fined clothing retailer H&M 37.8 million dollars (EURO 35.2 million) for several violations of the GDPR....more
On January 15, the Court of Justice of the European Union’s (CJEU) Advocate General (AG) Manuel Campos Sánchez-Bordona delivered his Opinion on four references for preliminary rulings on the topic of retention of and access...more
GDPR Data minimization in action. Danish Data Protection Authority (Datatilsynet) finds cab company Taxa 4×35’s records retention practices in violation of the GDPR data minimization principle. The cab company removed names...more
In a country renowned for protecting the privacy of its citizens, Germany has undertaken a pilot program that does just the opposite. In a trade off between privacy and convenience, German residents can now enroll in a...more
In this month's edition of our Privacy & Cybersecurity Update, we examine Brazil's new data protection regulation, the French data protection authority's warning to two companies of potential GDPR violations and the U.S....more
This article is Part 4 of our series on the GDPR for U.S.-based companies. Part 1 assisted U.S.-based companies in determining whether the GDPR applies to them; Part 2 provided an overview of the GDPR’s key concepts and...more
This issue of Privacy Matters examines the flow of personal data. Creating a data map is a quick way to identify, understand and record what happens to any personal data you have. Data maps should be kept on file and should...more
Today, the Spanish data protection agency (AEPD) fined Facebook 1.2 million euros ($1.4 million USD) in connection with how the company collects personal data for advertising purposes. The AEPD said Facebook did not get...more
With respect to Internet privacy, as a result of recent U.S. government action, Americans now have less protection and are more at risk of government surveillance and potential misuse of their personal information, as...more
After its invalidation of the data retention requirements imposed by Directive 2006/24/EC in its Digital Rights Ireland decision dated 8 April 2014, the ECJ was requested to assess the compatibility with the Directive...more
In a decision published on 21 December 2016, the Court of Justice of the European Union (“ECJ”) invalidated legislation in two EU member states – the UK and Sweden – requiring telecommunication operators to retain users’...more
A recent decision of the Court of Justice of the European Union (“ECJ”) imposes restrictions on the use by member states’ law enforcement and national security agencies of telecommunication traffic and location records as...more
Some interesting links we found across the web this week: 'Regtech' startups see more business in Trump era - Startups are beginning to react to the looming possibility of deregulation under the incoming...more