Medical Device Legal News with Sam Bernstein: Episode 11
On April 14 2025, the European Data Protection Board (EDPB) announced the outcomes of its plenary session that took place on April 8 2025, during which the EDPB adopted draft Guidelines on processing of personal data through...more
On December 2 – 3 2024, the European Data Protection Board (EDPB) met for its 99th plenary session. It subsequently issued several documents, one of which calls for the need for greater alignment between the GDPR and EU...more
The draft guidelines provide further clarification to the EDPB’s interpretation of legitimate interests, and suggest a potential divergence with the UK ICO....more
On 9 October 2024, the European Data Protection Board (EDPB) published its draft Guidelines on the processing of personal data based on legitimate interest for public consultation. The draft Guidelines, adopted on 8 October...more
A few days ago, the French Data Protection Authority (CNIL) published its first draft guidelines for the use of AI systems in the form of "AI How-To Sheets" with the aim to “help professionals reconcile innovation with...more
The Information Commissioner’s Office (ICO), the personal data protection authority in the United Kingdom (UK), is running a public consultation on its draft guidance on biometric data which covers the requirements under the...more
The updated guidelines (05/2021) from the European Data Protection Board (“EDPB”) issued on 14 February 2023 (the “New Guidelines”) look at the interplay of two fundamental, protective mechanisms contained in the EU GDPR....more
It has been a bustling fall for the California Privacy Protection Agency (CPPA or Agency). In the spirit of the upcoming holiday season, the Agency gifted us not one but two rounds of proposed modifications to the regulations...more
The EDPB sets out relevant steps and factors that EU supervisory authorities should consider when calculating administrative fines under the GDPR. On 16 May 2022, the European Data Protection Board (EDPB) adopted draft...more
MHRA LAUNCHES UK CLINICAL TRIAL REGULATION CONSULTATION - The UK Government, through the Medicines and Healthcare Products Regulatory Agency (MHRA) (the medicines and medical device regulator in the United Kingdom),...more
Research and development, innovation, product and service improvement, AI design and deployment...these are key commercial drivers for the successful modern business. They also underpin technological, medicinal, and other...more
On January 18, 2022, the European Data Protection Board (the "EDPB") issued the Guidelines 01/2022 on data subject rights - Right of access (the "Draft Guidelines"), laying out its interpretation of Article 15 GDPR on the...more
On January 28, 2022, the European Data Protection Board (“EDPB”) published draft regulatory guidelines (“draft guidance”) on the right of data subjects to have access to their personal data under the EU General Data...more
In this month's edition, we examine the European Commission's Digital Services Act and its potential regulatory impact, the National Institute of Standards and Technology's draft guidance on internet-of-things devices'...more
US companies and other organizations whose activities involve the use of personal information from Europe were unsettled by the EU Court of Justice’s July 2020 Schrems II decision that cast doubt on the lawfulness of...more
On 2 September 2020, the European Data Protection Board (“EDPB”) published draft guidelines on the concepts of controller, joint controllers and processor, which – as explained below - play a crucial role within GDPR...more
On February 7, 2020, the European Data Protection Board (EDPB) published draft guidelines on the processing of personal data in the context of connected vehicles and mobility related applications. If adopted in their current...more
The European Data Protection Board has published draft guidelines for public comment on the data protection aspects of connected vehicles. Key takeaways: The Relevant Players- Non exhaustive list of stakeholders: vehicle...more
In this month's edition of our Privacy & Cybersecurity Update, we take a look at guidance on artificial intelligence released by the U.K. Information Commissioner's Office and the Turing Institute, as well as guidance...more
The United Kingdom's Information Commissioner's Office has issued, for public consultation, draft guidance on the right of access under the General Data Protection Regulation (GDPR). Key takeaways: To Prepare for a Data...more
On 2 December 2019, the UK Information Commissioner's Office ("ICO") together with The Alan Turing Institute published1 a three-part consultation (with draft guidance) on explaining decisions made with Artificial Intelligence...more
The UK Information Commissioner’s Office has issued a data sharing code of conduct for public consultation. Key takeaways: When considering sharing data, assess your overall compliance with the data protection...more
The European Data Protection Board (EDPB) has issued draft guidelines on the GDPR legal basis of “necessary for the performance of a contract”....more
Much has happened since the European Union (EU) General Data Protection Regulation (GDPR) went into effect on May 25, 2018. Many EU countries have enacted national legislation to implement and expand the requirements of the...more
The Situation: The General Data Protection Regulation has a broad territorial scope and can apply to businesses based outside the European Union. The Result: The European Data Protection Board has provided important...more