The collection of personal data by organizations in the sports industry creates unique data privacy challenges. Generally, a business-to-consumer organization is focused on the personal data of its customers and separately...more
3/15/2023
/ California Privacy Rights Act (CPRA) ,
Collective Bargaining Agreements (CBA) ,
Compliance ,
Data Collection ,
Data Privacy ,
Data Protection Impact Assessments (DPIAs) ,
EU ,
General Data Protection Regulation (GDPR) ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Personal Data ,
Revenue ,
Risk Management ,
Sports
The California Office of Attorney General (OAG) is responsible for enforcing the CCPA and began sending notifications of alleged non-compliance to companies on July 1, 2020.
Almost a year later, in June of 2021, the OAG...more
Authors: David Manek, Joe Shepley and Mark Melnychenko The California Privacy Rights Act (CPRA) which goes live January 1, 2023 introduces data retention and deletion requirements very similar to those that we see in the...more
7/20/2021
/ California Consumer Privacy Act (CCPA) ,
California Privacy Rights Act (CPRA) ,
Compliance ,
Data Deletion ,
Data Storage ,
Disclosure Requirements ,
General Data Protection Regulation (GDPR) ,
Governance Standards ,
Personal Data ,
Risk Management ,
Rulemaking Process ,
Sensitive Personal Information
The Virginia Consumer Data Protection Act (CDPA) overwhelmingly passed both legislative chambers this month and is expected to be signed by the Governor in the coming weeks with an effective date of January 1, 2023. Best...more
6/28/2021
/ Adtech ,
California Consumer Privacy Act (CCPA) ,
CDPA ,
Cookies ,
COPPA ,
Data Privacy ,
Data Protection ,
Enforcement Actions ,
General Data Protection Regulation (GDPR) ,
Gramm-Leach-Blilely Act ,
Personal Data ,
Popular ,
Privacy Laws ,
Sensitive Personal Information ,
Third-Party Service Provider ,
Virginia
After much anticipation, the European Commission has published new Standard Contractual Clauses (SCCs). Under the General Data Protection Regulation (GDPR), when personal data of individuals in the European Economic Area...more
6/14/2021
/ Cybersecurity ,
Data Processors ,
Data Protection ,
EU ,
European Economic Area (EEA) ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
National Security ,
Personal Data ,
Schrems I & Schrems II ,
Standard Contractual Clauses
Organizations are closely tracking which of their vendors previously relied on Privacy Shield. Separately, they are preparing Transfer Impact Assessments (“TIAs”) to evaluate and address risks associated with personal data...more
6/1/2021
/ Binding Corporate Rules ,
Court of Justice of the European Union (CJEU) ,
Cybersecurity ,
Data Protection ,
Data Protection Authority ,
EU ,
EU-US Privacy Shield ,
European Data Protection Board (EDPB) ,
FISA ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
Personal Data ,
Personally Identifiable Information ,
Risk Mitigation ,
Schrems I & Schrems II ,
Standard Contractual Clauses