One of the most important steps to design and build a data privacy program is to create an inventory of all of the personal data processing activities within your company. If you don’t know the type of data you collect and how it’s shared, processed and stored, it is difficult to know if you are meeting the privacy requirements that impact your business. Without this information, it is also difficult to know where data resides in order to be able to respond to situations where individuals exercise their personal data rights, for example, data subject access requests (DSAR). And as … Continue reading Data Inventory and Mapping to Support Privacy Compliance
After publication in the Royal Thai Government Gazette on May 27, 2019, Thailand’s Personal Data Protection Act B.E. 2562 (2019) (PDPA) came into effect on May 28, 2019. The PDPA is Thailand’s first comprehensive law governing data protection. The key operative provisions of the PDPA relating to the collection, use or disclosure of personal data will come into force on May 28, 2020. Some of the significant restrictions on the collection and use of personal data are the following: Data controllers must obtain consent from data subjects before they can process their data (subject to certain exceptions, such as where … Continue reading Thailand’s Personal Data Protection Act (PDPA) Comes into Effect
On May 28th, by a 42-6 bipartisan vote, California’s state Assembly passed a bill to impose rules on manufacturers of Internet-connected devices sold in California that offer voice recognition features. The bill defines “voice recognition feature” as the function of a connected device that allows the “collection, recording, storage, analysis, transmission, interpretation or other use of spoken words or sounds,” except where voice commands are not recorded or transmitted beyond the device. The proposed amendment to Chapter 35 of the state’s Business and Professions Code–which already imposes similar rules on connected televisions–would firstly prohibit the operation of any connected device’s voice recognition … Continue reading California Assembly Passes Smart Speaker Privacy Rules
TrustArc and the International Association of Privacy Professionals (IAPP) has announced the results of new research that examined how privacy technology is bought and deployed to address privacy and data protection challenges. Findings show that products that help businesses discover and map data flows top the list of purchase plans and that the privacy team is playing a larger role in privacy tech purchasing decisions as organizations navigate a complex field of regulations. “As the number of privacy regulations grows, organizations must contend with the complexity of managing an increasingly fragmented privacy regulatory landscape,” said Chris Babel, CEO, TrustArc. “These … Continue reading New IAPP and TrustArc Benchmarking Research Highlights Growing Demand for Technology Solutions to Help Organizations Keep Pace With New Privacy Laws
Regulatory compliance has become more complex than ever. The requirements of the EU General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA) have created exasperation for information security leaders and bewilderment for privacy managers all over the world. Those responsible for regulatory compliance often struggle to identify how their business is subjected to risk and applicable laws. Privacy leaders need the ability to review business operations against all applicable laws, regulations, and frameworks in order to streamline compliance and maturity, and take action to address regulatory requirements. Privacy Profile, powered by the Intelligence Engine within the TrustArc … Continue reading TrustArc Privacy Profile Simplifies Cross-Regulation Compliance for GDPR, CCPA, HIPAA and Other Global Privacy and Security Regulations
TrustArc is proud to present the next Privacy Insight Series webinar “GDPR Compliance: Convince Customers, Partners, and The Board You Are Compliant!” with TrustArc General Counsel & Chief Data Governance Officer Hilary Wandall and Centre for Information Policy Leadership at Hunton & Williams LLP President Bojana Bellamy. This webinar will take place on Wednesday, June 19th at 9am PT / 12pm ET / 5pm GMT. Don’t miss this opportunity to learn more about GDPR compliance – register today! Many companies have invested significant time and resources trying to design and implement GDPR compliance programs. Internally, they may have generated hundreds … Continue reading Upcoming Webinar: GDPR Compliance: Convince Customers, Partners, and The Board You Are Compliant!