In December 2023, European Union (EU) lawmakers reached an agreement on the EU AI Act. In our article titled An Introduction to the EU AI Act, we focused on applicability, thresholds, timing, and penalties related to the EU...
4/19/2024 / Artificial Intelligence, Cybersecurity, Data Protection, EU, European Commission, European Data Protection Board (EDPB), General Data Protection Regulation (GDPR), Machine Learning, Regulatory Oversight, Reporting Requirements, Risk Management, Risk-Based Approaches, Technology Sector
In December 2023, European Union (EU) lawmakers reached an agreement on the EU AI Act. In our prior article titled “An Introduction to the EU AI Act,” we focused on the applicability, timing, and penalties of the EU AI...
This is the first of a multi-article series focused on privacy impact assessments. This first article provides an overview of privacy impact assessments, the existing and pending privacy laws which require privacy impact...
A new trend in privacy and cybersecurity laws is the introduction of safe harbor clauses for aligning data protection controls to recognized data privacy and cybersecurity frameworks.
OHIO HB376: In July 2021, Ohio...
8/4/2021 / California Consumer Privacy Act (CCPA), Cybersecurity, Data Privacy, Data Protection, General Data Protection Regulation (GDPR), Health Insurance Portability and Accountability Act (HIPAA), NIST, Popular, Privacy Laws, Proposed Legislation, Safe Harbors
Organizations are becoming increasingly reliant on external parties to manage parts of their business. The centralized knowledge, expertise, and economies of scale that third parties provide enable organizations to focus...
7/5/2021 / Anti-Bribery, California Consumer Privacy Act (CCPA), Collaboration, Coronavirus/COVID-19, Cybersecurity, Due Diligence, General Data Protection Regulation (GDPR), Health Insurance Portability and Accountability Act (HIPAA), NIST, NYDFS, Risk Management, Software, Third-Party Risk, Transparency, Vendors
After much anticipation, the European Commission has published new Standard Contractual Clauses (SCCs). Under the General Data Protection Regulation (GDPR), when personal data of individuals in the European Economic Area...
6/14/2021 / Cybersecurity, Data Processors, Data Protection, EU, European Economic Area (EEA), General Data Protection Regulation (GDPR), International Data Transfers, National Security, Personal Data, Schrems I & Schrems II, Standard Contractual Clauses
In an era of increased M&A transactions, organizations must understand the risks and potential liabilities associated with the personal information they obtain on their customers, vendors, and employees....
6/8/2021 / Acquisition Agreements, Corporate Sales Transactions, Cybersecurity, Data Management, Data Privacy, Data Retention, Due Diligence, Funding Opportunities, Information Technology, Investors, Merger Agreements, Seed Financing
Organizations are closely tracking which of their vendors previously relied on Privacy Shield. Separately, they are preparing Transfer Impact Assessments (“TIAs”) to evaluate and address risks associated with personal data...
6/1/2021 / Binding Corporate Rules, Court of Justice of the European Union (CJEU), Cybersecurity, Data Protection, Data Protection Authority, EU, EU-US Privacy Shield, European Data Protection Board (EDPB), FISA, General Data Protection Regulation (GDPR), International Data Transfers, Personal Data, Personally Identifiable Information, Risk Mitigation, Schrems I & Schrems II, Standard Contractual Clauses
A data inventory is the fundamental building block for an effective privacy program. In its simplest form, a data inventory can be thought of as a matrix which documents 1) what personal data is being collected by the...
5/27/2021 / California Consumer Privacy Act (CCPA), Compliance, Cybersecurity, Data Collection, Data Privacy, Data Processors, Data Retention, General Data Protection Regulation (GDPR), Health Insurance Portability and Accountability Act (HIPAA), Information Governance, Popular