Under expanding U.S. state privacy laws, businesses must be prepared to assess the protection of certain personal information and individuals’ privacy rights prior to initiating planned data processing activities. While similar impact assessments may be familiar if...
The latest draft of CPRA regulations (released on November 3, 2022) includes new requirements for agreements with service providers, contractors, and third parties that retain, use, or disclose Personal Information (“PI”). The draft regs specify that agreements must:...
Since the EU General Data Protection Regulations (“GDPR”) came into effect in 2018, there has been much discussion, but little action, with regard to Article 40 Codes of Conduct (”Codes”) …
Written by Dan Goldstein (Partner and Co-Founder), Kamal Govindaswamy (Partner and Co-Founder) and Monica Meiterman-Rodriguez (Privacy Consultant). Healthcare Information Technology (Health IT) in the United States has undergone considerable change …
For many US-based multinational organizations, EU-approved Standard Contractual Clauses (“SCCs”) have long represented a relatively straightforward solution for the compliant transfer of personal data of EU residents to the organizations’ …
By Rob McWilliams, Consultant – Tueoris In a global economy that is more reliant than ever on digital information, personal data is a high-value asset that carries corresponding risks. …
Organizations subject to global privacy regulations spend what often seems an exorbitant amount of time and resources to reach compliance objectives and keep up with constantly evolving privacy requirements. Data …
The California Consumer Privacy Act of 2018 (CCPA) is shaping up to be the most significant consumer privacy law passed in the United States in recent memory. The Act, which becomes …
By Dan Goldstein, Co-Founder and Partner, Tueoris, LLC. Introduction If you’re a privacy professional that spent a good chunk of 2018 living through the run-up to the EU General Data …