Formiti Data Privacy News deliver all the latest global privacy news articles, including useful how-to articles to help you stay compliant. Subscribe today and we will deliver them straight to your preferred inbox.
Yes, Data Privacy Regulations Apply to IoT devices too
Many manufacturers and retailers of IoT devices don’t realise that these devices fall under the purview of data privacy regulations. As data regulators turn their attention to IoT devices, manufacturers and retailers must take steps to stay ahead of developing...
Artificial Intelligence & Privacy Challenges with AI-Powered Medical Devices
Confidentiality is a mandatory legal and ethical duty in the UK health sector especially when it comes to artificial intelligence and privacy in the use of medical devices. Using artificial intelligence to improve patient care has raised data privacy concerns about...
What Are Data Processing Addendums (DPAs?) and When Should They be Used?
What Are Data Processing Addendums (DPAs)? Data Processing Addendums (DPAs) are instructional contracts between the Controller and Processor outlining how to process and secure the Controller’s data. DPAs are critical to ensuring third-party...
US Proposed Federal Privacy Law ADPPA V GDPR
The proposed U.S. Federal Privacy Law ADPPA was introduced in the U.S. House of Representatives on June 3rd 2022. This represents the first time federal data privacy legislation in the United States has progressed to a full chamber vote. Significant...
Appointing a DPO: Avoid the Pitfalls and Fines
Just to quickly reiterate, if the internal DPO is already overseeing, managing or directing a specific department, appointing him/her as a DPO is asking for trouble – it may lead to heavy fines as it is a conflict of interest according to GDPR guidelines.
Thailand PDPA Notification of Changes 2022 Part Two
Security measures in relation to the collection, processing, access, use, modification, disposal, or disclosure of an individual's personal data are substantially similar to the standard that is required under the MDES Notification
Data Retention Policy Vital for Privacy Compliance.
Today’s organizations describe their data retention policy as a key element in their data privacy strategy. Industry sectors, whether healthcare, financial services, insurance, government, retail, telecommunications, or education, are valuable information assets...
The Complete Guide to Applying Data Privacy to Your Organisation: Tips For Compliance
New technology, regulatory requirements, and new competitive threats can confuse and risk breaching data privacy laws and regulations.
Thailand PDPA Notification of Changes 2022 Part One
The Thailand PDPA entered into law on the 1st of June 2022 and is already following the trends of other global data protection laws in its first year with PDPA amendments and notifications. Three have already come into force, and companies and PDPA service...
GDPR & Third-Party Vendor Compliance
hird-party data breaches pose a significant risk to a company’s reputation. Consider these findings from a survey of 7,500 consumers in France, Germany, Italy, the U.K., and the U.S.:
GDPR A Quick Guide to Legitimate Interest Assessments (LIA)
An LIA is used to determine if an organisation can process data using the legitimate interest lawful basis. This article explains what lawful bases are under GDPR, and how to complete a legitimate interest assessment (LIA).
Thailand PDPA for the International Schools
Much like GDPR and other similar privacy laws, PDPA also requires a highly proactive and risk-based approach. Therefore, in order to train your staff to remain compliant, you must put all the necessary preventive measures in place to protect your school from non-compliance.
The Dangers of Sensitive Personal Data Exposure for Businesses:
As the name suggests, personal sensitive data contains data of the highest sensitivity level to the data subject. It includes personal and sensitive information that cannot be disclosed without the data subject’s consent
The Importance of Data Lifecycle Management: What It Is And Why You Need It
Data lifecycle management is a key component of the broader, emerging data culture shift. Business organizations are increasingly realizing that managing data is a top strategic business priority
How to Simplify Your Data Privacy & Compliance Journey
Data privacy consulting firms simplify the compliance process by focusing solely on data privacy best practices – freeing you up to focus on your business.
Ransomware Attacks The new Big Threat Data Theft
The costs begin to accelerate as the attack progresses. Suppose you are lucky and have cyber protection insurance. In that case, your insurers will need to know the full extent of the breach, often calling expensive third parties to help with the exercise.
Data Protection 101: What Every Organisation Needs To Know
Most websites and email clients will also provide a list of “cookies” used to identify you if you have signed up or browsed the website. That can include information such as the IP address, location, and device ID,
Achieving PDPA Compliance: Why a Gap Analysis and Remediation Report is Key
There are several ways to go about a PDPA gap analysis, but where do you start? This article looks at areas covered by analysis and what tools you can use to perform one. Let’s start with the first step of a PDPA compliance checklist
Your Guide to Canadian PIPEDA And What it Means for Your Business
The PIPEDA came into effect as a law in April 2000, intending to increase consumers’ trust in e-commerce. Parts of the PIPEDA are reviewed by the Parliament every 5 years.
How to Complete a Personal Data Breach Report
Not all data breaches need to be reported to the relevant supervisory authority (e.g. the Information Commissioner Office (ICO) in the UK).
How to Achieve Compliance with Article 30 Record of Processing Activities (ROPA)
Although not required for all organisations, we recommend all organisations maintain a living ROPA record because it makes it easier to comply with GDPR.
Global Data Privacy Compliance Staying Ahead of the Curve
As per the GDPR, organizations need to establish a structured and thorough approach to ensuring compliance. This requires that security and privacy policies be developed and communicated by data subjects and documented in formalized processes,
The Singapore PDPA Updates A Guide for Business
To help businesses stay accountable and stay on top of changes, the Personal Data Protection Commission (PDPC) has updated the content of two existing data protection guidelines to align with the changes in the PDPA and to support businesses
The Brazil LGPD: How Organizations Can Ensure Compliance
The first step that an organization needs to take is to have a representative when it comes to data privacy compliance. There are several people handling the data you collect and process,
