The U.S. Department of Health and Human Services (HHS) recently released a proposed rule to better protect electronic health data from cybersecurity threats. The proposed rule would apply to health plans, healthcare...more
The U.S. Department of Health and Human Services (HHS) has announced a plan to provide resources and incentives for the healthcare industry to adopt cybersecurity measures and to increase potential regulatory penalties for...more
On June 4, 2021, the European Commission adopted two new sets of standard contractual clauses (SCCs): one for data transfers from data controllers to data processors and one for data transfers from data exporters to data...more
6/14/2021
/ Compliance ,
Corporate Counsel ,
Data Controller ,
Data Processors ,
Data Protection ,
Data Transfers ,
Employee Privacy Rights ,
EU ,
European Commission ,
European Data Protection Board (EDPB) ,
European Economic Area (EEA) ,
General Data Protection Regulation (GDPR) ,
Human Resources Professionals ,
International Data Transfers ,
Personal Data ,
Schrems I & Schrems II ,
Standard Contractual Clauses
The Court of Justice of the European Union (CJEU) recently declared that the EU-U.S. Privacy Shield is invalid because it does not provide an adequate level of protection for the transfer of personal data from the European...more
Much has happened since the European Union (EU) General Data Protection Regulation (GDPR) went into effect on May 25, 2018. Many EU countries have enacted national legislation to implement and expand the requirements of the...more
5/22/2019
/ Austria ,
CCTV ,
CNIL ,
Data Breach ,
Data Protection ,
Data Protection Authority ,
Employer Liability Issues ,
Enforcement Actions ,
EU ,
European Data Protection Board (EDPB) ,
France ,
General Data Protection Regulation (GDPR) ,
Germany ,
Human Resources Professionals ,
Netherlands ,
Personal Data ,
Personnel Records ,
Portugal ,
Regulatory Violations ,
Risk Management ,
Social Networks ,
Surveillance ,
Video Recordings
Data breaches continue to be an unfortunate risk that companies face with increasing frequency. In this podcast, Rebecca Bennett, Stephen Riga, and Justin Tarka discuss data breaches from both a U.S. and EU perspective,...more
12/17/2018
/ Best Practices ,
Breach Notification Rule ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Employer Liability Issues ,
EU ,
General Data Protection Regulation (GDPR) ,
Hackers ,
Personal Data ,
Personally Identifiable Information ,
Risk Mitigation ,
Third-Party Service Provider
On April 19, 2018, the Article 29 Working Party (Working Party), which is comprised of representatives from the data protection authorities in each of the 28 European Union (EU) member states, issued a position paper stating...more
With less than six months until the May 25, 2018, effective date for the European Union (EU) General Data Protection Regulation (GDPR), companies are assessing their GDPR readiness and concentrating their compliance efforts...more
Four years ago, the Health Information Technology for Economic and Clinical Health Act (HITECH Act) introduced major revisions to the Privacy and Security Rules under the Health Insurance Portability and Accountability Act of...more