A Blueprint for Efficient SRRs: Mastering Your Subject Rights Workflow
Whether you are swamped by a deluge of subject rights requests or just want more time to spend on strategic work, managing SRRs effectively is a highly sought-after goal — one that's seldom achieved. Between parsing...more
Privacy pros are passionate about doing good work, in every sense of the word. Yes, we care about managing privacy as thoroughly and efficiently as possible (and not getting fined). But we are all in this line of work for a...more
On February 27 2025, the Court of Justice of the European Union (CJEU) delivered a judgment in CK v Dun & Bradstreet (Case C-203/22). This judgment clarifies the GDPR provisions regarding the right of access to personal...more
It’s no longer good enough for your business to have a reactive approach to consumer privacy – you need a proactive strategy to manage compliance, foster consumer trust, and stay competitive in this modern era. While many...more
As of September 22, 2024, the final provision of Law 25, An Act to modernize legislative provisions as regards the protection of personal information will take effect, establishing a new right to data portability for...more
On April 27, 2023, the Washington State governor signed into law the My Health My Data Act or the MHMDA. In spite of the onerous and at times confusing requirements of the MHMDA, the Washington Attorney General (AG) has only...more
Welcome to the latest edition of Updata – the international update from Eversheds Sutherland’s dedicated Privacy and Cybersecurity team. Updata provides you with a compilation of privacy and cybersecurity regulatory and...more
State and international laws provide consumers and employees (including job applicants and former employees) with certain rights, such as the right to find out what personal information a business has about the individual,...more
Editor’s Note: On September 29, 2022, HaystackID shared an educational webcast on the topic of US privacy law. As privacy continues to move to the forefront of not only information consideration but of business concern for...more
As data privacy regulations have become increasingly commonplace in the last decade, organizations have had to strategically assess how they collect, process, store, and sell consumer data. To better equip themselves for this...more
In the not-so-distant past, data risk was primarily seen as a technology challenge. How can organizations store all the data they accumulate? How can they sort and analyze it? How can they protect it from exfiltration by...more
Data protection laws, such as the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA) are a major cause for concern for organizations. While the biggest fines garner headlines, such as...more
China recently enacted its Personal Information Privacy Law (PIPL), which came into effect November 1, 2021. PIPL has global reach and broadly regulates entities of all industries that process the personal data of Chinese...more
In the last few years, data privacy laws and regulations have been big news. Much of the coverage—including one of our recent blog posts—concerned website compliance. Companies scrambled to post notices and forms on their...more
Certain Colorado companies and others targeting Coloradans will soon be subject to the newly enacted Colorado Privacy Act (“CPA”), signed into law by Gov. Jared Polis on July 8, 2021. Colorado joins California and Virginia as...more
As consumer privacy continues to be a global concern, it is increasingly important to know where company data resides in order to maintain compliance. It is no longer just the European Union’s General Data Protection...more
Learn More About: - The Biggest Threats to Organizations - What 2021 Will Bring for Data Subject Requests - Aligning Privacy Approaches to Ensure Global Compliance - The Outlook on Future New Regulations - Steps...more
If you are responsible for handling data subject requests made pursuant to the EU General Data Protection Regulation or verified consumer requests made pursuant to the California Consumer Privacy Act, chances are you have...more
When it comes to data privacy law, change is the only constant. The global pandemic unleashed a new set of risks related to data privacy that companies will have to confront in 2021. But despite the COVID chaos, data privacy...more
The COVID-19 virus outbreak poses serious challenges to businesses operating globally, including in Europe. In response to the outbreak, governments worldwide are taking increasingly severe measures to fight the pandemic, and...more
The words “hodgepodge” and “patchwork” are overused in the world of risk and compliance, but they’re certainly appropriate for describing the myriad data privacy regulations popping up around the world. In 2018, the world...more
With the enactment of the European General Data Protection Regulation (“GDPR”) and the California Consumer Privacy Act ("CCPA”), the restaurant and food service industry has been forced to cope with a shifting privacy...more
Effective as of January 1, 2020, the California Consumer Privacy Act (CCPA) gives broad rights to people on their personal data in the custody of companies. This focus on data rights significantly raises the compliance burden...more
The first landmark data privacy law in the United States goes into effect Jan. 1, 2020. The California Consumer Privacy Act (CCPA) is set to be the toughest privacy law in the country and will apply to more than 500,000 U.S....more