In the wake of repeated data leaks, the Business Roundtable proposed a framework for US national privacy legislation. The recommendations represent the position of over 200 corporations and come…
October marked six months under the new GDPR regulations. The findings from this initial period suggest that consumers are increasingly holding companies accountable for proper data security and that…
Billions of people have had their personal information breached and abused after entrusting it to companies online. The GDPR is the most ambitious regulatory effort to make sure this…
Art. 84 GDPR Penalties Member States shall lay down the rules on other penalties applicable to infringements of this Regulation in particular for infringements which are not subject to…
Art. 82 GDPRRight to compensation and liability Any person who has suffered material or non-material damage as a result of an infringement of this Regulation shall have the right…
Art. 70 GDPR Tasks of the Board The Board shall ensure the consistent application of this Regulation. To that end, the Board shall, on its own initiative or, where…
Art. 58 GDPR Powers Each supervisory authority shall have all of the following investigative powers: to order the controller and the processor, and, where applicable, the controller’s or the…
Art. 28 GDPR Processor Where processing is to be carried out on behalf of a controller, the controller shall use only processors providing sufficient guarantees to implement appropriate technical…
Recital 148 Penalties In order to strengthen the enforcement of the rules of this Regulation, penalties including administrative fines should be imposed for any infringement of this Regulation, in…
Recital 130 Consideration of the authority with which the complaint has been lodged Where the supervisory authority with which the complaint has been lodged is not the lead supervisory…
What is the GDPR? Europe’s new data privacy and security law includes hundreds of pages’ worth of new requirements for organizations around the world. This GDPR overview will help…
How to conduct a Data Protection Impact Assessment (template included) A Data Protection Impact Assessment (DPIA) is required under the GDPR any time you begin a new project that…
Download a PDF version of this template here. Transparency and informing the public about how their data are being used are two basic goals of the GDPR. This article…
The GDPR requires organizations to protect personal data in all its forms. It also changes the rules of consent and strengthens people’s privacy rights. In this article, we’ll explain…
Under certain conditions, the GDPR requires organizations to appoint a Data Protection Officer. In this article, we go over the profile and duties of this type of GDPR officer….