A recent Webinar, and complementary report, from NAVEX Global offers a look at the top 10 risk and compliance trends for 2020.
More firms have been stymied by the General Data Protection Regulation.
The Norwegian Consumer Council, a consumer rights champion, has uncovered a serious no-no in the world of GDPR: popular apps sharing user data, such as religious beliefs and sexual preferences, to advertising and marketing firms in order to drive their own revenue.
The ICO has fined Dixons Carphone for failing to take “basic, commonplace” security measures that would have alerted it to one of the country’s worst cyber-attacks.
CW Editor in Chief Dave Lefort offers 10 predictions on what will dominate compliance headlines in 2020.
Compliance Week looks back at two decades of scandals, enforcement actions, and regulatory policies (2000-2019) that shaped the compliance function we see today.
With the clock ticking toward the Jan. 1 implementation date, Compliance Week and ACA Aponix asked 100 compliance practitioners whether their company would be CCPA compliant by the deadline. Their collective answer? Nope.
From antitrust and privacy concerns in the tech world to compliance officer liability in the pharmaceutical industry to unethical practices in the banking and accounting professions, more than a dozen companies made Compliance Week’s list of the biggest compliance fails in 2019.
Strong social stances, a dedication to doing what’s right, and leading by example highlight the qualities exemplified by our list of ethics and compliance winners of 2019.
The U.K. Information Commissioner’s Office has levied its first fine under the GDPR against a London-based pharmacy. Record-setting penalties announced by the ICO in July against British Airways and Marriott are still not finalized.
Big Tech can breathe a sigh of a relief that the mechanisms it uses to transfer data outside of the European Union to “third countries” provide sufficient privacy protection, according to a key advisor to the EU’s top court.
The CCPA has been rushed from the start, says CW Editor in Chief Dave Lefort, who believes the California attorney general’s plan to give leniency for companies making good-faith efforts is the right call.
In comments submitted to the California attorney general’s office, businesses seek much greater clarity on the soon-to-be-in-force California Consumer Privacy Act.
A German federal privacy watchdog has fined 1 & 1 Telecom €9.55 million (U.S. $10.6 million) for violations of the EU’s General Data Protection Regulation, but the company says it won’t accept the penalty.
Four companies have reached settlements with the Federal Trade Commission for allegedly misrepresenting their participation in the EU-U.S. Privacy Shield framework.
Republicans and Democrats have differing opinions on the rights and role of a federal privacy law, but both sides agreed at a Senate Commerce Committee hearing Wednesday the time to act is now.
Compliance Week is making some changes to its annual awards for 2020, evolving the “Top Minds” recognition into a full-blown, specifically targeted awards program dubbed “The Excellence in Compliance Awards.”
Senate Democrats have proposed a new federal data privacy bill that seeks to empower consumers and support their civil rights in the digital economy.
Federal agencies struggle to categorize digital coins as currency, securities, commodities, property, or something else—but even as they dither, some big companies strive forward in the digital assets arena.
Applications that serve women’s health needs could soon be held to a higher standard of accountability for protecting users’ data if they become classified as “covered entities” under HIPAA.
Machine learning isn’t something that’s going to happen—it’s already happened. Ali Shah, head of tech policy at the U.K. Information Commissioner’s Office, discusses how artificial intelligence will impact regulators.
A recent survey says a majority of Americans don’t trust data privacy policies and procedures, even while U.S. companies are hastening to enhance them in advance of the California Consumer Privacy Act’s implementation.
With a new wave of privacy laws empowering consumers to police their own data, companies are facing increased risk in areas they might not have considered.
It’s been 18 months since the General Data Protection Regulation went into effect, and still no violations have come out of Ireland. Is the Emerald Isle dragging its feet? CW Editor in Chief Dave Lefort attempts to answer that question.
Officials from a pair of EU data privacy sanctioning bodies stressed importance of data protection officers and good-faith efforts to comply with GDPR.
It’s go-time for compliance as the clock ticks toward the Jan. 1 effective date of the California Consumer Privacy Act.
Don’t expect a plug-and-play technology solution to this complex new problem.
Smart uses of data analytics show companies can not only improve their compliance programs with technology, but actually create bottom-line results for their companies as well.
Microsoft has updated the privacy provisions of its commercial cloud contracts amid a European Data Protection Supervisor investigation that revealed “serious concerns” in its preliminary findings.
An expert sheds light on behavioral science-driven solutions that help businesses prepare for a breach before it happens.
Criticism from lawmakers in addition to a federal inquiry regarding Google’s controversial partnership with Ascension has both the tech giant and the non-profit healthcare provider firing back.
In a blog post this week, Microsoft announced its intention to extend the core rights of the upcoming California Consumer Privacy Act to its customers across the United States.
Fear and frustration were prevalent among Fitbit owners after its pending acquisition by Google was announced. Given the tech giant’s recent privacy lapses, it’s tough to blame them.
This edition of the Ask Amii mailbag offers tips on how to ensure your employees feel safe blowing the whistle, suggestions for encouraging collaboration, and advice for data managers on how to manage data ethically and responsibly in a segmented firm.
Nearly three-fourths of respondents in a recent retail privacy survey said they are willing to share personal data in exchange for better pricing, special discounts, or exclusive offers.
UniCredit announced its cyber-security team has identified a data breach that compromised the personal records of approximately three million clients in Italy, highlighting critical compliance lessons for those in the financial services industry.
Australia’s competition regulator has filed a lawsuit against Google for alleged misrepresentations regarding user data collected in relation to location services on Android devices.
Mastercard is inviting other companies to join it in addressing individuals’ privacy rights with the launch of its Data Responsibility Imperative.
The FTC has submitted comment on NIST’s draft Privacy Framework, praising the agency for its proposal to help firms open a privacy dialogue and suggesting five amendments to improve upon the draft.
The International Conference of Data Protection and Privacy Commissioners offered varying perspectives on the latest in data privacy and technology from the likes of regulators, experts, and campaigners.
At a recent data privacy event, Microsoft’s president and chief legal officer discussed the evolution of data protection rules and how new technology needs to better align with privacy regulation.
California’s new data privacy law, The California Consumer Privacy Act of 2018 (CCPA), is ushering in a new era of consumer privacy protections in the U.S.
NIST’s new draft Privacy Framework offers much-needed guidance to help companies align their data privacy and cyber-security risk management practices.
Sen. Ron Wyden (D-Ore.) has introduced an updated version of his previously drafted data privacy bill that threatens jail time for executives at corporations that misuse Americans’ data.
The new California Consumer Privacy Act (CCPA) takes effect on January 1, 2020. Ahead of this milestone – and with several States working on new data management regulations – many financial services organizations are concerned with the risks of non-compliance.
Amendments to the California Consumer Privacy Act add clarity, offer a BTB communication reprieve to businesses, and ensure consumers have a method for submitting more information requests.
Companies subject to the California Consumer Privacy Act requirements now have 24 pages of direction on how to comply with the new law. But will that be enough?
PayPal leaving Facebook’s Libra project is just a bump in the road in the drive toward developing a global digital currency payments network, a Libra Association spokesperson says.
An economic impact assessment of California’s upcoming privacy law forecasts short-term disadvantages for smaller companies and emerging markets around compliance solutions and data-based product initiatives.