Medical Device Legal News with Sam Bernstein: Episode 11
European Data Protection Board Publishes Strategy for 2024-27 - The European Data Protection Board (“EDPB” - the EU body tasked with promoting consistency and cooperation in enforcement of the GDPR) has outlined its...more
A few days ago, the French Data Protection Authority (CNIL) published its first draft guidelines for the use of AI systems in the form of "AI How-To Sheets" with the aim to “help professionals reconcile innovation with...more
The Information Commissioner’s Office (ICO), the personal data protection authority in the United Kingdom (UK), is running a public consultation on its draft guidance on biometric data which covers the requirements under the...more
The updated guidelines (05/2021) from the European Data Protection Board (“EDPB”) issued on 14 February 2023 (the “New Guidelines”) look at the interplay of two fundamental, protective mechanisms contained in the EU GDPR....more
It has been a bustling fall for the California Privacy Protection Agency (CPPA or Agency). In the spirit of the upcoming holiday season, the Agency gifted us not one but two rounds of proposed modifications to the regulations...more
The EDPB sets out relevant steps and factors that EU supervisory authorities should consider when calculating administrative fines under the GDPR. On 16 May 2022, the European Data Protection Board (EDPB) adopted draft...more
MHRA LAUNCHES UK CLINICAL TRIAL REGULATION CONSULTATION - The UK Government, through the Medicines and Healthcare Products Regulatory Agency (MHRA) (the medicines and medical device regulator in the United Kingdom),...more
Research and development, innovation, product and service improvement, AI design and deployment...these are key commercial drivers for the successful modern business. They also underpin technological, medicinal, and other...more
On January 18, 2022, the European Data Protection Board (the "EDPB") issued the Guidelines 01/2022 on data subject rights - Right of access (the "Draft Guidelines"), laying out its interpretation of Article 15 GDPR on the...more
On January 28, 2022, the European Data Protection Board (“EDPB”) published draft regulatory guidelines (“draft guidance”) on the right of data subjects to have access to their personal data under the EU General Data...more
On November 19 the European Data Protection Board (EDPB) published draft guidelines on the interplay between Article 3 of the GDPR (which establishes the GDPR’s territorial scope), and the GDPR’s international transfer...more
In this month's edition, we examine the European Commission's Digital Services Act and its potential regulatory impact, the National Institute of Standards and Technology's draft guidance on internet-of-things devices'...more
US companies and other organizations whose activities involve the use of personal information from Europe were unsettled by the EU Court of Justice’s July 2020 Schrems II decision that cast doubt on the lawfulness of...more
On 2 September 2020, the European Data Protection Board (“EDPB”) published draft guidelines on the concepts of controller, joint controllers and processor, which – as explained below - play a crucial role within GDPR...more
On February 7, 2020, the European Data Protection Board (EDPB) published draft guidelines on the processing of personal data in the context of connected vehicles and mobility related applications. If adopted in their current...more
The European Data Protection Board has published draft guidelines for public comment on the data protection aspects of connected vehicles. Key takeaways: The Relevant Players- Non exhaustive list of stakeholders: vehicle...more
In this month's edition of our Privacy & Cybersecurity Update, we take a look at guidance on artificial intelligence released by the U.K. Information Commissioner's Office and the Turing Institute, as well as guidance...more
The United Kingdom's Information Commissioner's Office has issued, for public consultation, draft guidance on the right of access under the General Data Protection Regulation (GDPR). Key takeaways: To Prepare for a Data...more
On 2 December 2019, the UK Information Commissioner's Office ("ICO") together with The Alan Turing Institute published1 a three-part consultation (with draft guidance) on explaining decisions made with Artificial Intelligence...more
The UK Information Commissioner’s Office has issued a data sharing code of conduct for public consultation. Key takeaways: When considering sharing data, assess your overall compliance with the data protection...more
The European Data Protection Board (EDPB) has issued draft guidelines on the GDPR legal basis of “necessary for the performance of a contract”....more
Much has happened since the European Union (EU) General Data Protection Regulation (GDPR) went into effect on May 25, 2018. Many EU countries have enacted national legislation to implement and expand the requirements of the...more
The Situation: The General Data Protection Regulation has a broad territorial scope and can apply to businesses based outside the European Union. The Result: The European Data Protection Board has provided important...more
Does the EU General Data Protection Regulation (GDPR) apply to me? This is a question with which many U.S.-based companies have been grappling since the GDPR took effect on May 25. Six months later, the European Data...more
One of the most striking changes to EU privacy law under the EU’s General Data Protection Regulation (which goes into effect May 25, 2018) is the very strict approach to user consent. For many years, companies operating in...more