Under expanding U.S. state privacy laws, businesses must be prepared to assess the protection of certain personal information and individuals’ privacy rights prior to initiating planned data processing activities. While similar impact assessments may be familiar if...
PRIVACY
Implementation Notes: CPRA Draft Regulations and the Impact on Third-Party Agreements
The latest draft of CPRA regulations (released on November 3, 2022) includes new requirements for agreements with service providers, contractors, and third parties that retain, use, or disclose Personal Information (“PI”). The draft regs specify that agreements must:...
GDPR Code of Conduct : Current State and Considerations for Next Steps
Since the EU General Data Protection Regulations (“GDPR”) came into effect in 2018, there has been much discussion, but little action, with regard to Article 40 Codes of Conduct (”Codes”) …
Healthcare Interoperability: Preparing to Meet New Privacy and Security Obligations
Written by Dan Goldstein (Partner and Co-Founder), Kamal Govindaswamy (Partner and Co-Founder) and Monica Meiterman-Rodriguez (Privacy Consultant). Healthcare Information Technology (Health IT) in the United States has undergone considerable change …
SCCs under Scrutiny: Transfer Strategies for US Companies Contracting with EU Service Providers
For many US-based multinational organizations, EU-approved Standard Contractual Clauses (“SCCs”) have long represented a relatively straightforward solution for the compliant transfer of personal data of EU residents to the organizations’ …
Building the Privacy Balance Sheet in VC and PE Portfolios
By Rob McWilliams, Consultant – Tueoris In a global economy that is more reliant than ever on digital information, personal data is a high-value asset that carries corresponding risks. …
Facilitating Effective Responses to Data Subject Requests with Detailed Process Workflows
Organizations subject to global privacy regulations spend what often seems an exorbitant amount of time and resources to reach compliance objectives and keep up with constantly evolving privacy requirements. Data …
CCPA and Security Safeguards or Requirements
The California Consumer Privacy Act of 2018 (CCPA) is shaping up to be the most significant consumer privacy law passed in the United States in recent memory. The Act, which becomes …
Operationalizing CCPA Compliance: Know Your Data and Establish Detailed and Practical Workflows
By Dan Goldstein, Co-Founder and Partner, Tueoris, LLC. Introduction If you’re a privacy professional that spent a good chunk of 2018 living through the run-up to the EU General Data …