A Sneak Peek into Data Mapping: What Implementation Really Looks Like
It's Time to Think About Data Mapping Differently
Monumental Win in Data Breach Class Action: A Case Study — The Consumer Finance Podcast
Work This Way: A Labor & Employment Law Podcast | Episode 15: eDiscovery for Employers with Angela O’Neal, Nextra Solutions Director
Calculating eDiscovery Costs: Tips from Brett Burney
Work This Way: A Labor & Employment Law Podcast - Episode 6: Digital Forensics & Protecting Trade Secrets with Clark Walton
Managing Large Scale Review Efficiency: Tips From a GC
Record Retention and Information Governance
The Great Link Debate and the Future of Cloud Collaboration
Data Driven Compliance - Malcolm Hawker and Fit for Purpose Data
Review Analytics for a New Era
Data Governance for the BYOD Age
Podcast: Interoperability: Health Care's Next Disruptor Is openEHR - Diagnosing Health Care
Innovation in Compliance - Episode 224 - Leveraging Communications as an Asset with Robert Cruz
The Anatomy Of A Successful ETRM Implementation
Modernize your Information Governance: Building a Framework for Success
Innovations in eDiscovery Managed Services
Interview With Ayesha Minhaj, Google - Digital Planning Podcast
Chris Ford on Compliance and Cloud Computing
NGE On Demand: Cybersecurity Considerations for Emerging Companies with Michael Gray and David Wheeler
With the announcement of UK General Election for Thursday 4 July 2024, the Data Protection and Digital Information Bill has not completed the legislative process before the end of the current parliamentary session and will...more
Last month, the European Union’s new Data Governance Act (DGA) came into effect. Our Privacy, Cyber & Data Strategy Group provides an overview of the key features of the DGA and discusses how the new law may impact businesses...more
On September 21, 2023, the UK Government announced the establishment of the “UK-US data bridge” (the Bridge), also known as the UK Extension to the EU-U.S. Data Privacy Framework (the DPF). The announcement promises to...more
In the last few months alone, dozens of reported data breaches have already occurred. From Twitter’s breach that leaked millions of user accounts to ChatGPT’s breach that exposed subscriber payment information, it can...more
In 1992, Singapore banned the sale of all chewing gum. But if you owned a cornerstore in the U.S. and a Singaporean tourist came to visit your business, there would be nothing to stop you from selling them a pack of gum—in...more
The Advocate General (AG) Pikamäe of the Court of Justice of the European Union (CJEU) issued his opinions in three cases concerning the credit rating agency SCHUFA Holding AG (SCHUFA) on 16 March 2023....more
The Court of Justice of the European Union (CJEU) published its decision in Norra Stockholm Bygg AB v Per Nycander AB, C-268/2021 (Norra) on 2 March 2023. The CJEU held that the GDPR applies, in civil court proceedings, to...more
The privacy landscape in the United States and much of the world is quickly evolving around the framework of the General Data Protection Regulation (GDPR) within the European Economic Alliance (EEA). Clinical trials involve...more
2023 continues to be a busy year for European data protection authorities. Following its release of the Irish Data Protection Commission’s (DPC’s) binding decisions in cases against Facebook and Instagram, the European Data...more
En Europa, las condiciones para compartir datos entre empresas son tan complicadas en ocasiones que el potencial de la industria no está tan explotado como podría. Esto conlleva una pérdida de competitividad de la industria...more
CYBERSECURITY - CISA Lists Top CVEs Exploited by Chinese State-Sponsored Cyber Actors - The Cybersecurity & Infrastructure Security Agency (CISA) recently issued an Alert outlining the top Common Vulnerabilities and...more
In Europe, the current conditions for sharing data between companies are so complicated that the potential of the industry is not fully exploited. This results in the loss of competitiveness of the European industry compared...more
When the U.K. disentangled from the European Union (EU), its General Data Protection Regulation (GDPR) status was one of many headaches for regulators to figure out. After drawn-out negotiations over points such as requiring...more
The EU’s General Data Protection Regulation (GDPR) regulates the transfer of personal data in the European Union. For many multinational employers, Standard Contractual Clauses (SCCs) offer the only practical means of...more
Our 2022 Data Security Incident Response Report discussed how businesses can be better positioned to meet the tight data breach notification deadlines now imposed in dozens of countries worldwide. In particular, we...more
Is your business one that has not prioritized compliance with data privacy laws because you do not collect personal data about your customers? If so, you are in good company, but it is time to reframe your approach on data...more
On January 12, 2022, the French data protection authority (“CNIL“) published guidance on the reuse of personal data by processors for their own purposes (the “Guidance”)....more
Companies not established in the UK who process the personal data of UK-based individuals are required to appoint a representative in the UK pursuant to Article 27 of the UK GDPR. This requirement may become less practical...more
EDPB Issues Draft Guidance on International Data Transfers - On November 18, 2021, the European Data Protection Board (“EDPB”) published draft guidance on the interaction between the GDPR’s transfer provisions set out in...more
Since 2018, the decision-making arsenal of the UK Information Commissioner’s Office (“ICO”) has included the Regulatory Panel, a body tasked with making independent recommendations to the Commissioner regarding proposed...more
In the last few years, data privacy laws and regulations have been big news. Much of the coverage—including one of our recent blog posts—concerned website compliance. Companies scrambled to post notices and forms on their...more
The European Commission (“EC”) has long sought to improve data privacy for Europeans, even when they interact with global or non-European companies. Laws like the General Data Protection Regulation (or “GDPR”) seek to...more
Consent is newly defined by the California Privacy Rights Act (CPRA). While this new definition of consent—which highlights specific, informed, and freely-given actions—closely aligns with the European Union’s General Data...more
Following in the footsteps of the California Consumer Privacy Act (CCPA), the Commonwealth of Virginia has become the second U.S. state to enact comprehensive consumer data protection legislation. ...more
Elizabeth Burgin Waller Principal John Pilch Cybersecurity/Privacy Analyst The Virginia Consumer Data Protection Act (CDPA, or “the Act”) makes Virginia the second state in the nation to have sweeping data privacy...more