Since the EU General Data Protection Regulations (“GDPR”) came into effect in 2018, there has been much discussion, but little action, with regard to Article 40 Codes of Conduct (”Codes”) …
PRIVACY
Healthcare Interoperability: Preparing to Meet New Privacy and Security Obligations
Written by Dan Goldstein (Partner and Co-Founder), Kamal Govindaswamy (Partner and Co-Founder) and Monica Meiterman-Rodriguez (Privacy Consultant). Healthcare Information Technology (Health IT) in the United States has undergone considerable change …
SCCs under Scrutiny: Transfer Strategies for US Companies Contracting with EU Service Providers
For many US-based multinational organizations, EU-approved Standard Contractual Clauses (“SCCs”) have long represented a relatively straightforward solution for the compliant transfer of personal data of EU residents to the organizations’ …
Building the Privacy Balance Sheet in VC and PE Portfolios
By Rob McWilliams, Consultant – Tueoris In a global economy that is more reliant than ever on digital information, personal data is a high-value asset that carries corresponding risks. …
Facilitating Effective Responses to Data Subject Requests with Detailed Process Workflows
Organizations subject to global privacy regulations spend what often seems an exorbitant amount of time and resources to reach compliance objectives and keep up with constantly evolving privacy requirements. Data …
CCPA and Security Safeguards or Requirements
The California Consumer Privacy Act of 2018 (CCPA) is shaping up to be the most significant consumer privacy law passed in the United States in recent memory. The Act, which becomes …
Operationalizing CCPA Compliance: Know Your Data and Establish Detailed and Practical Workflows
By Dan Goldstein, Co-Founder and Partner, Tueoris, LLC. Introduction If you’re a privacy professional that spent a good chunk of 2018 living through the run-up to the EU General Data …
Practical Solutions to CCPA Challenges for Financial Institutions’ Sales and Marketing Activities
The California Consumer Privacy Act (“CCPA”) becomes effective in less than a year and businesses – especially those in highly regulated sectors – should consider assessing their privacy programs now …
How Deep Must We Dig? Fulfilling Data Subject Access Requests From Current and Former Employees
By Mayra Cavazos, Senior Consultant, Tueoris, LLC Responding in an appropriate and adequate manner to data subject access requests from employees or former employees in the European Union (“EU”) is …