The General Data Protection Regulation (GDPR) represents one of the most comprehensive reforms to data regulation in recent times. It affects how companies around the globe approach their strategies for external data protections (like data security), as well as internal data access and usage. The purpose is to give EU and UK individuals more transparency and control over their personal data.
Most educators know about the federal student data privacy laws such as the Family Educational Rights and Privacy Act (FERPA) administered by the US Department of Education. However, modern schools increasingly adopt new technologies such as cloud service providers for managing everything from homework assignments in Google Drive to education data in records management data systems.
Heralded as the US version of the European Union General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA) may be the catalyst for an all-new approach to privacy for companies. However, merely assuming that the CCPA is a GDPR-for-US can leave you stranded and, possibly, non-compliant.
Another year, another privacy law on the horizon. In 2018, the big push for compliance with the European Union General Data Protection Regulation (GDPR). In 2019, companies are reeling from the new law governing data protection passed by ballot initiative. The California Consumer Privacy Act (CCPA) intends to place on companies who collect California residents’ personal information. But the question remains, in the morass of regulatory writing, “What is the CCPA?
A massive data breach at Marriott and Starwood Hotels and Resorts has put the General Data Protection Regulation (GDPR) back in the spotlight. As the hotel chain faces record fines under the GDPR, privacy experts are again extolling the importance of secure log management practices to avoid suffering a similar fate as Starwood.
The EU General Data Protection Regulation (GDPR) was authored in 2016 and became applicable on May 25th of 2018. You can read the regulation in its entirety in this PDF. If you have legal questions about GDPR and how it applies to your organization, you should seek the advice of a professional who is familiar with the regulation.
May 25, 2018 was the deadline for GDPR compliance. The media was abuzz. Businesses were rushing to update their privacy policy page. Companies were emailing newsletter subscribers to approve updated privacy policies. Everybody seemed to be paying attention to this new law, which appeared to be the beginning of a new dawn in data privacy. Or was it?
After years of deliberation, the GDPR is now a reality to businesses around the globe. Rather than simply seeing it as a necessary evil, we should remain mindful of the value to be gained from the regulation. GDPR has given businesses the opportunity not only to enhance data protection, but also further implement a more ethical approach to data handling. This is a win for everyone involved.
Today’s businesses run on data. From getting customer information for payment, processing employee information for payroll, using publicly available data for targeted advertising, to tracking people’s behavior for marketing, data has become the power center of organizations. But with this increased emphasis on data, organizations are now burdened with greater responsibilities.
