Compliance
Global Privacy State of Play: What to Pay Attention to in 2023
There is no better way to kick things off in 2023, and just before Data Protection Day, than with a heads up about what to pay attention to this year in privacy and its ever expanding realm around the world. In short: Enforcement, enforcement, enforcement First point on the list: GDPR…
Read More »Privacy’s impact grows, but more remains to be done
Nearly all organizations today recognize the importance of privacy to their business. In a recent study, 94% of organizations said customers wouldn’t buy from them if their data was not properly protected and 95% said privacy has become a business imperative. Additionally, 98% said they report privacy metrics to their…
Read More »Why “Compliance” is not enough to succeed in Data Privacy
Welcome to “The Data Privacy Advantage Newsletter” which will be a monthly resource hub of practical information, advice and content that will help organizations make Data Privacy a business advantage. Ready or not, here comes the full force of many Data Privacy and data protection regulations in 2023! 2023…
Read More »Enforcement authorities urge integration of corporate compliance programs in 2023
The fundamental components of effective corporate compliance programs have not changed significantly in recent years.1 However, United States enforcement authorities are trying to reinvigorate companies’ attention to those programs. U.S. Department of Justice leaders expressed particular concern this year about whether companies have appropriately integrated their compliance departments. In March 2022,…
Read More »Data governance and privacy risks in Canada: A checklist for boards and c-suite
Privacy compliance and cyber risks are hot issues for the c-suite and board of directors, and for good reason. Under Canadian law, corporate directors are responsible for their corporation’s business, including risk identification and management activities, and are required to demonstrate a duty of care. And regulators aren’t the only…
Read More »Court Says “You May NOT Amend Your TOS by Posting New Terms to Your Site”
Most online terms-of-use agreements claim to give their drafters broad discretion to modify the terms at the host’s discretion. Some terms-of-use agreements purport to allow host websites to modify the terms by sending an email (inevitably, to your spam folder) to notify you of the changes. Others require users to…
Read More »You’re Not Ready for CPRA If Your Vendors Aren’t
Say you dutifully got your organization in good compliance with the GDPR, and then did the same for CCPA, and perhaps even for the state laws that followed from Virginia, Nevada, Colorado, Connecticut, and Utah. Great. But none of that prepared you for the new demands of the CCPA replacement: CPRA.…
Read More »A checklist to be ready by September 22, 2022
Certain amendments to Québec’s Act respecting the protection of personal information in the private sector, introduced by Bill 64, will come into force on September 22, 2022. A draft Regulation specifying the requirements of these new provisions was published on June 29, 2022, subject to 45 days of consultation, to come into…
Read More »The seven habits of effective Privacy Impact Assessments
There is something magical about the number seven. The seven deadly sins, the seven dwarfs, the seven year itch, those plucky child detectives who formed the Secret Seven, and the barn-raising dance number from Seven Brides for Seven Brothers. Plus of course, the seven habits of highly effective people. Here’s…
Read More »Canada’s Artificial Intelligence and Data Act: Impact for businesses
On June 15, 2022, the Minister of Innovation, Science and Industry, François-Phillippe Champagne introduced Bill C-27, An Act to enact the Consumer Privacy Protection Act, the Personal Information and Data Protection Tribunal Act and the Artificial Intelligence and Data Act and to make consequential and related amendments to other Acts (or Digital Charter Implementation…
Read More »