Category

Data Privacy & Security

Category

Numerous data privacy and security laws govern the private sector’s collection and use of health data in the USA. These laws vary in scope and substance but some combination of them would probably apply to your company if, for example, it does any of the following in the country: Diagnoses or treats patients’ health conditions;Offers an app intended to promote the health or wellness of consumers;Provides health insurance or helps to process health insurance claims;Collects…

E-commerce is used as the mechanism for delivering information, products, services or payments by electronic means including computer, telephone, or other automated means. The use of e-commerce operations has emerged across a range of business activities and may be provided through the following business models: business-to-business (B2B), business-to-consumer (B2C), consumer-to-consumer (C2C), and consumer-to-business (C2B). There are several advantages for businesses to engage in e-commerce operations including significant cost reductions, flexible operating arrangements, rapid response to…

Lothar Determann, Baker McKenzie Partner and UC Berkeley School of Law Professor, recently joined Helen Dixon, Data Protection Commissioner for Ireland, to present at the Berkeley Center for Law and Technology (BCLT) during Berkeley Law’s IP & Tech Month. Throughout the month, BCLT hosted a number of curated sessions to provide practitioners with the most relevant, up-to-date information from top experts in the field. Lothar and Helen provided a year-in-review of international privacy for US…

In advance of its June 8 public board meeting, the California Privacy Protection Agency (“CPPA”) has released draft regulations intended to implement and interpret new requirements under the California Privacy Rights Act (“CPRA”).  In addition to codifying the new obligations under the CPRA (e.g., the right to correct, right to opt out of “sharing”), the Draft Regs include helpful illustrative examples and also provide details regarding certain new obligations, which we’ve summarized below. Key Takeaways…

After numerous delays the Thailand Personal Data Protection Act (PDPA) has officially come into effect as of today (1st June). Any and all businesses that handle personal data in one way or another are now required to implement additional measures or alter the way in which they interact with customers, business partners and employees. Some of the key steps that will need to be taken involve updating or issuing a new privacy policy; providing data…

In March 2022, Baker McKenzie’s Data Privacy & Security Team across offices presented the Asia Pacific edition of Deciphering Data, the Firm’s webinar series that aims to help companies and organizations decode complex developments in data privacy and cybersecurity. Our diverse team of cross-border experts offered their expertise and insight in this webinar series to help you understand the legal lay of the land and prepare for the future of privacy in Asia Pacific and…

On April 28, 2022, the Connecticut State House passed Senate Bill (‘SB’) 6 for An Act Concerning Personal Data Privacy and Online Monitoring (‘the Act’), following its earlier passage by Connecticut’s Senate.  If enacted, the Act would take effect on 1 July 2023. Like California, Virginia, and Colorado, the Act would include several consumer rights, including the rights of access, correction, deletion, data portability, and the right to opt-out of targeted advertising, the sale of…

In this episode, Harry Valetk is joined by partners Francesca Gaudino, based in Milan, and Michaela Nebel, based in Frankfurt, as they discuss privacy notice obligations. Listen in to hear about whether or not data privacy notifications are still relevant and other key considerations that may be overlooked including: How often companies and data protection officers should review their noticesEmployee vs. customer privacy noticesOnline vs. offline privacy noticesLanguage requirements and more https://open.spotify.com/episode/0oqo22X8U2xPCznVDqUJtp Want to Learn…

As the rumors travel fast and some have mistakenly spread the news that the draft Personal Data Protection Decree (“PDPD”) was issued, here is a quick update on the recent developments regarding the approval process of the draft PDPD in Vietnam. By way of background, on 8 March 2022, the Vietnamese Government issued Resolution No. 27/NQ-CP (“Resolution 27”) on the Approval for the Dossier of the Draft PDPD. As assigned by the Government under Resolution…

Synthetic datasets could change the way developers train AI models in healthcare. They have the potential to increase the size of training datasets for AI models, whilst protecting patient privacy, but is this really a solution or just hype? We’ve set out 7 things you need to know. 1. What is synthetic data? A synthetic dataset is an “artificial” dataset containing computer-generated data instead of real-word records. In the healthcare setting, the term “synthetic data” is…