Tag

Compliance

Browsing

On Tuesday, October 11, 2022, members of Baker McKenzie’s Global Data Privacy and Security Team, including Brian Hengesbaugh, Harry Valetk and Elizabeth Denham, presented at the Global Data Protection Program 2022 hosted by the Practising Law Institute. The program boasted an impressive line-up of data privacy experts from both government and industry to share practical insights. The half-day program was comprised of the following four segments: Introduction and Legislative Developments in Data Protection LawsNuts and Bolts of…

Vietnam has just released today a long-awaited Decree No. 71/2022/ND-CP amending and supplementing Decree No. 06/2016/ND-CP on the Management, Provision and Use of Radio and Television Services (“Decree 71”). Decree 71 will take effect as of 01 January 2023, the same effective date as the 2022 Cinema Law. In summary, compared with the latest draft version in July 2022, the MIC only made some slight updates to the wording of Decree 71. Salient issues under…

Businesses that have implemented compliance measures to comply with the California Consumer Privacy Act of 2018, as amended by the California Consumer Rights Act of 2020 (“CCPA”) can leverage existing compliance mechanisms designed to comply with the CCPA to satisfy requirements under the Utah Consumer Privacy Act (“UCPA”), which will become operative on December 31, 2023. Most companies will not need to expand the scope of their CCPA-focused privacy notices to cover Utah residents exactly…

Join us for an in-person event with special guest, EEOC Commissioner Keith Sonderling Commissioner Sonderling is recognized for his thought leadership on inclusive AI. He is at the forefront of advocating for rational AI enforcement that meets the mandate of equality without disrupting innovation. He has noted the value of learning the perspectives of innovators, and legal and human resource professionals in this space through an open dialogue. A brief introduction video to Commissioner Sonderling can be found here.…

Businesses that have implemented compliance measures to comply with the California Consumer Privacy Act of 2018, as amended by the California Consumer Rights Act of 2020 (“CCPA”) can leverage existing vendor contract terms, website disclosures and data subject right processes to satisfy requirements under Nevada’s Revised Statutes Chapter 603A (www.leg.state.nv.us/Division/Legal/LawLibrary/NRS/NRS-603A.html). Most companies will not need to expand the scope of CCPA-focused privacy notices, because the Nevada laws are much more narrowly framed. But, companies may…

*Article originally posted on IAPP.org* On Aug. 31, hopes were dashed when the California legislative session ended without enacting Assembly Bill 1102. The bill would have extended grace periods for certain business-to-business and human resources personal information under the California Consumer Privacy Act as amended by the California Privacy Rights Act. CCPA/CPRA will become fully operational on Jan. 1, 2023, for B2B and HR personal information and will be subject to the same rigorous California privacy regulations…

Records and data retention can be complicated, particularly when balancing competing statutory requirements from around the globe, industry best practices, business needs, and the growing importance of privacy considerations. When faced with these realities, many organizations seek solutions that will make retention easier and more streamlined. While there are several ways to achieve this, organizations need to proceed with caution when choosing which aspects of their retention policies and procedures to simplify. One aspect organizations…

In recent years, the world of cross-border data flows has changed dramatically, driven by the exponential growth of data and the increasing ability and desire to harness and exploit it, as well as the growing number of regulatory developments that have created a patchwork of varying approaches across jurisdictions, which organizations must now navigate. Cross-border data transfers have become an increasingly complex issue, intersecting different areas of regulatory focus, including not only privacy and cybersecurity,…

Numerous data privacy and security laws govern the private sector’s collection and use of health data in the USA. These laws vary in scope and substance but some combination of them would probably apply to your company if, for example, it does any of the following in the country: Diagnoses or treats patients’ health conditions;Offers an app intended to promote the health or wellness of consumers;Provides health insurance or helps to process health insurance claims;Collects…

After years of legislative debate, Congress passed a new law requiring key businesses to report certain data breaches—or “covered incidents”—to the government. Signed by President Biden on March 15, 2022, the law, part of the Strengthening American Cybersecurity Act, requires companies that operate critical infrastructure—financial institutions, utilities, and other organizations—to share information with the Cybersecurity and Infrastructure Security Agency (CISA) about certain cybersecurity incidents within 72 hours and ransomware payments to cyber criminals within 24…