Let us imagine the following scenario: In an effort to improve data security and conform with GDPR requirements, a small to medium sized business decides to implement a new policy of password protection; new passwords are to be issued to each employee on a weekly...
GDPR: Identifying personal data & sensitive data
Given that more than a year has passed since the European Union's General Data Protection Regulation (GDPR) was implemented, on the 25th May 2018 to be precise, most businesses are aware that they have a legal obligation to protect any ‘personal data’ which they...
GDPR compliance for US based companies: What are the key legal concerns?
Commonly recognised as the toughest privacy and security law on the planet, the European Union’s General Data Protection Regulation (or GDPR), imposes legal obligations on companies and organizations anywhere, so long as they handle data related to people situated in,...
The Seven Core Principles of the GDPR: What American Business should know
On May 25th, 2018, the European Union’s General Data Protection Regulation (GDPR) replaced the Data Protection Directive of 1995. Unlike the previous legislation, the GDPR affects businesses and organisations which are based outside of the EU. The simple fact that all...
Pseudonymisation: The GDPR’s great legal “loophole”?
The GDPR was approved by the Parliament of the European Union on the 14th April 2016 and has been in force since the 25th May 2018. Organisations that are not compliant can now face heavy fines. Suffice to say, significant changes to the way businesses and companies...
Why You Should Consider a GDPR Representative Office in Ireland
The General Data Protection Regulation applies to any data controller and processor who deals with the data of EU citizens or residents, whether the data handler is based within the European Union or not. In addition to ensuring that they meet general compliance...
The GDPR and the Brussels Effect
The General Data Protection Regulation came into effect throughout the member states of the European Union on the 25th May 2018. As you are no doubt already well aware, the GDPR is, in simple terms, a new framework of conditions aimed at giving citizens of the...
FTC Health Breach Notification Rule Applies to Health Apps and Wearable Devices
The Federal Trade Commission (FTC) has a Health Breach Notification Rule, similar to the Breach Notification Rule of the Health Insurance Portability and Accountability Act (HIPAA). The FTC has recently released a Policy Statement confirming digital health app and...
Working From Home: Is your data secure?
Some have called it the “new normal”. Others speak of the “Post-Covid world.” More positive and hopeful voices tell us that the Covid-19 pandemic, while painful, is but a temporary hiccup in the history of humanity. Whatever the truth of the matter, it is clear that...
US Companies need to look to the Old World
Two court rulings made in July 2020 may prove to be among the most important legal precedents that American tech companies will ever have had to come to grips with. What is particularly interesting about these two decisions is that they were not made by the Supreme...
Why has TikTok chosen Ireland as its European base?
In a statement released on the 29th of June 2020, TikTok, the Chinese video-sharing social networking service owned by ByteDance, announced its decision to move the responsibility for safeguarding the privacy of its European users to its Irish and UK entities. ...
Two years of the GDPR: What should American businesses have already learned? What can they now expect?
Implemented on the 25th of May 2018, Europe’s General Data Protection Regulation (GDPR), has now entered the terrible twos. Birthdays are an occasion to take stock, and this anniversary is particularly interesting from an American perspective. For those who need...
A Failure to Learn the Lesson?
Fresh Data Breach Heartbreak for Marriott Hotel Group. In December 2018, Marriott International disclosed a breach which had impacted some 383 million guest records. Industry specialists at the time viewed the data failure as a key example of the risks inherent in...
Virgin Media Facing up to $5.5 Billion Data Breach Compensation Bill
Virgin Media Ltd, which provides television, telephone and internet services throughout the United Kingdom may have to fork out up to £4,500,000,000 (roughly $5.5 billion) after a data security breach in which personal information belonging to its customers was...
Google to Appeal $7.45m Swedish GDPR Non-Compliance Fine
Privacy Authority to impose $8 Million Penalty. Google has announced that it intends to appeal the recent General Data Protection Regulation fine, its second, levied by Sweden's Data Protection Authority against the internet giant. A fine of 75 million kroner...
Cathay Pacific Ordered to Pay £500,000 Fine Following Customer Data Exposure
The UK’s Information Commissioner's Office, or ICO, has imposed a fine of £500,000 ($603,750) on Cathay Pacific Airways for its failure to adequately protect the personal data of customers. The half-million-pound fine is in fact the maximum possible under the UK’s...
Amazon Meets with GDPR Troubles on the Eve of Covid-19
Various industry specialists, including Adobe Analytics, have reported that increasing consumer concern, and indeed shop closures, following the worldwide COVID-19 outbreak is already influencing our online shopping behaviour in a significant manner. While traditional...
Dutch Data Protection Authority issues first GDPR-fine
The Haga Hospital in the Hague has become the first Dutch body to be fined for violation of Europe's new privacy law, the General Data Protection Regulation (GDPR). NU.nl has reported that a fine of €460,000 is being imposed on the Hospital for failing to provide a...
Schrems II to put GDPR to the Test
It has been a long journey, but what may prove to be a crucial data privacy case from Ireland has finally made its way to Luxembourg's Court of Justice of the European Union (CJEU). On Tuesday the court heard arguments in what has become referred to as the Schrems II...
Visitor Books: Will the GDPR make them a thing of holidays past?
According to a story first reported by the Irish Times on the 23rd of July 2019, it appears that the reach of the General Data Protection Regulation may extend to a form of record keeping that few would have envisaged as relevant when the regulation was first drafted:...
GDPR: French Real Estate Company Faces €400,000 Fine
In January 2019 the French Data Protection Authority (the CNIL), hit Google LLC with a record €50m fine for failing to comply with the EU's General Data Protection Regulation (GDPR). A decision made on the 28th May 2019 which imposes a €400,000 fine on SERGIC, a real...
British Airways faces potential €200 million GDPR fine
The UK Information Commissioner's Office (ICO) has announced that it intends to fine British Airways for a recent infringement of the General Data Protection Regulation (GDPR). The security breach occurred when British Airways customers were directed away from the BA...
GDPR celebrates its first birthday
Today marks the first anniversary of the introduction of the European Union's General Data Protection Regulation (GDPR). As the solitary candle of the birthday cake is being blown out, we can take a moment to reflect upon what has undoubtedly been an eventful debut...
First GDPR fine issued by Italian Data Protection Authority
Italy's first GDPR fine has been issued by the Garante, the Italian Data Protection Authority. Action was taken due to the failure to implement privacy security measures in the aftermath of a data breach on the “Rousseau” platform. The platform operates the websites...