Loading

Tag: Privacy

Tag: Privacy

The Tennessee Information Protection Act: A Comprehensive Overview

The Tennessee Information Protection Act is a legislation that protects the privacy of personal information collected by businesses and government agencies in Tennessee.    The Tennessee Information Protection Act (TIPA) is a significant legislative development in the sphere of data privacy, mirroring the growing trend of state privacy laws across the United States. This legislation

UK-US Data Bridge heralds a new era of transatlantic data flow

Alongside the EU- and Swiss-US Data Privacy Frameworks, the implementation of the UK-US Data Bridge heralds a new era of transatlantic data flow, emphasizing the importance of data protection.   On 12th October 2023, a significant milestone was achieved as the UK-US Data Bridge officially became law, marking a new era of transatlantic data flow.

The Connecticut Data Privacy Act

The Connecticut Data Privacy Act regulates and protects the personal data of Connecticut residents and requires businesses to implement comprehensive data protection measures.    The Connecticut Data Privacy Act (CDPA) is a robust legal framework designed to protect citizens’ privacy rights and regulate how companies and organizations handle personal data. The CDPA, like other state

Colorado Privacy Act

The Colorado Privacy Act enhances data control for Colorado residents, contributing to the move towards stronger data protection in the US.   The Colorado Privacy Act (CPA) was signed into law on July 7, 2021, and took effect on July 1st, 2023. Colorado became the third state, after California and Virginia, to enact comprehensive data

California Consumer Privacy Act: A Comprehensive Overview

The California Consumer Privacy Act (CCPA) is a landmark piece of legislation that aims to strengthen privacy rights and consumer protection for the residents of California. This legislation was enacted in June 2018 and became effective as of January 2020. In November of 2020, California the California Privacy Rights Act (CPRA) was approved, which amended

Data Protection Law and Regulations for Small and Medium-Sized Businesses

Recent changes in UK and EU data protection laws have imposed strict data protection and management requirements on SMBs, but there are ways for these businesses to ensure they remain in compliance.   The landscape of data protection law has undergone significant changes in recent years, particularly in the UK and the EU. These changes

Controller Binding Corporate Rules: New recommendations from the EDPB

The EDPB recently published Recommendations 1/2022 on the Application for Approval and on the elements and principles to be found in Controller Binding Corporate Rules.   The European Data Protection Board (EDPB) has recently adopted recommendations for the Controller Binding Corporate Rules (BCR-Cs) during their November plenary. The document includes recommendations on the Application for

Processor Code of Conduct published by LfDI of Baden-Württemberg, Germany

Baden-Württemberg DPA, LfDI has published a Processor Code of Conduct to aid data processors with self regulation.    The DPA of Baden-Württemberg, Germany has published a code of conduct for processors, providing more legal certainty with regard to data processing under the GDPR. Businesses and organisations within Germany and in general within the EU, who

Guidance on international transfers from the ICO

The UK’s ICO has published guidance on international transfers for businesses and organisations which process personal data.   In the aftermath of the publishing of the International Data Transfer Agreement (IDTA) and the Addendum to the European Union Standard Contractual Clauses (SCCs), the ICO has published guidance on international data transfers. This guidance includes a

Processing of health data by complementary health insurance providers: CNIL calls for further clarification

CNIL calls for clarification regarding the processing of health data by complementary health insurance providers in the face of several complaints.   CNIL calls for clarification regarding which conditions under which complementary health insurance providers are allowed to collect health data, after receiving several complaints regarding the legality of these insurance providers receiving data generated