
Formiti Data Privacy News delivers all the latest global privacy news articles, including useful how-to articles to help you stay compliant. Subscribe today and we will deliver them straight to your preferred inbox.
Global Data Privacy Compliance Management It’s Time For Change
In our opinion, the future of data privacy compliance management is moving data governance and compliance management into code that fully automates the privacy framework.
How to Complete a Personal Data Breach Report
Not all data breaches need to be reported to the relevant supervisory authority (e.g. the Information Commissioner’s Office (ICO) in the UK).
GDPR Data Mapping Compliance – What Your Business Needs to Know
A big part of the process of creating a DPIA involves identifying the flow of data through your organisation, as well as identifying the associated risks.
GDPR & Access Controls: Which one is right for you?
It is tempting to give endpoint users administration access to their devices to avoid any complications during the workday. However, this introduces considerable risk to your network because it increases the opportunity for users to compromise personal data.
Yes, Data Privacy Regulations Apply to IoT devices too
Many manufacturers and retailers of IoT devices don’t realise that these devices fall under the purview of data privacy regulations. As data regulators turn their attention to IoT devices, manufacturers and retailers must take steps to stay ahead of developing...
Artificial Intelligence & Privacy Challenges with AI-Powered Medical Devices
Confidentiality is a mandatory legal and ethical duty in the UK health sector especially when it comes to artificial intelligence and privacy in the use of medical devices. Using artificial intelligence to improve patient care has raised data privacy concerns about...
What Are Data Processing Addendums (DPAs) and When Should They be Used?
What Are Data Processing Addendums (DPAs)? Data Processing Addendums (DPAs) are instructional contracts between the Controller and Processor outlining how to process and secure the Controller’s data. DPAs are critical to ensuring third-party...
US Proposed Federal Privacy Law ADPPA V GDPR
The proposed U.S. Federal Privacy Law ADPPA was introduced in the U.S. House of Representatives on June 3rd 2022. This represents the first time federal data privacy legislation in the United States has progressed to a full chamber vote. Significant...
Appointing a DPO: Avoid the Pitfalls and Fines
Just to quickly reiterate, if the internal DPO is already overseeing, managing or directing a specific department, appointing him/her as a DPO is asking for trouble – it may lead to heavy fines as it is a conflict of interest according to GDPR guidelines.
Thailand PDPA Law Notification of Changes 2022 Part Two
Security measures in relation to the collection, processing, access, use, modification, disposal, or disclosure of an individual's personal data are substantially similar to the standard that is required under the MDES Notification
Data Retention Policy Vital for Privacy Compliance.
Today’s organizations describe their data retention policy as a key element in their data privacy strategy. Industry sectors, whether healthcare, financial services, insurance, government, retail, telecommunications, or education, are valuable information assets...
The Complete Guide to Applying Data Privacy to Your Organisation: Tips For Compliance
New technology, regulatory requirements, and new competitive threats can cause confusion and create a risk of breaching data privacy laws and regulations.
PDPA Thailand Law Notification of Changes 2022 Part One
The PDPA Thailand Law entered into law on the 1st of June 2022 and is already following the trends of other global data protection laws in its first year with PDPA amendments and notifications. Three have already come into force, and companies and PDPA service...
GDPR & Third-Party Vendor Compliance
Third-party data breaches pose a significant risk to a company’s reputation. Consider these findings from a survey of 7,500 consumers in France, Germany, Italy, the U.K., and the U.S.:
GDPR A Quick Guide to Legitimate Interest Assessments (LIA)
An LIA is used to determine if an organisation can process data using the legitimate interest lawful basis. This article explains what lawful bases are under GDPR, and how to complete a legitimate interest assessment (LIA).
Thailand PDPA for the International Schools
Much like GDPR and other similar privacy laws, PDPA also requires a highly proactive and risk-based approach. Therefore, in order to train your staff to remain compliant, you must put all the necessary preventive measures in place to protect your school from non-compliance.
The Dangers of Sensitive Personal Data Exposure for Businesses:
As the name suggests, personal sensitive data contains data of the highest sensitivity level to the data subject. It includes personal and sensitive information that cannot be disclosed without the data subject’s consent
The Importance of Data Lifecycle Management: What It Is And Why You Need It
Data lifecycle management is a key component of the broader, emerging data culture shift. Business organizations are increasingly realizing that managing data is a top strategic business priority
How to Simplify Your Data Privacy & Compliance Journey
Data privacy consulting firms simplify the compliance process by focusing solely on data privacy best practices – freeing you up to focus on your business.
Ransomware Attacks The new Big Threat Data Theft
The costs begin to accelerate as the attack progresses. If you are lucky and have cyber protection insurance, your insurers will need to know the full extent of the breach, often calling expensive third parties to help with the exercise.
Data Protection 101: What Every Organisation Needs To Know
Most websites and email clients will also provide a list of “cookies” used to identify you if you have signed up or browsed the website. That can include information such as the IP address, location, and device ID,
Achieving PDPA Compliance: Why a Gap Analysis and Remediation Report is Key
There are several ways to go about a PDPA gap analysis, but where do you start? This article looks at areas covered by analysis and what tools you can use to perform one. Let’s start with the first step of a PDPA compliance checklist
Your Guide to Canadian PIPEDA And What it Means for Your Business
The PIPEDA came into effect as a law in April 2000, intending to increase consumers’ trust in e-commerce. Parts of the PIPEDA are reviewed by the Parliament every 5 years.
How to Achieve Compliance with Article 30 Record of Processing Activities (ROPA)
Although not required for all organisations, we recommend all organisations maintain a living ROPA record because it makes it easier to comply with GDPR.