How your organization responds and gets back to work in the wake of the Coronavirus can be tricky. We have research and guidance compiled to help you think about privacy in a global pandemic.
The Norwegian data protection authority ('Datatilsynet') announced, on 10 July 2020, that it had adopted a final decision ('the Decision') to fine the Municipality of Rælingen NOK 500,0000 (approx €46,660) for the processing of children's health data relating to disability by the digital learning platform Showbie, further to
The Polish data protection authority ('UODO') announced, on 10 July 2020, its decision to fine East Power Sp. z o.o. PLN 15,000 (approx. €3,400) for failure to provide the UODO with access to personal data and other information necessary to carry out its tasks.
The European Union Agency for Network and Cybersecurity ('ENISA') announced, on 10 July 2020, that it had issued its 2019 annual report ('the Annual Report') on trust services security incidents.
The Turkish data protection authority ('KVKK') announced, on 9 July 2020, a data breach suffered by Doctor Atadan Egemen Koyuncu. In particular, the KVKK highlighted that the data controller suffered a cyber attack on 5 July 2020 which affected the patient information system and that the violation was detected on the 6 July 2020.
The Council of Europe's ('CoE') Cybercrime Convention Committee issued, on 9 July 2020, a report ('the Report') illustrating the benefits and impact of the Budapest Convention on Cybercrime ('the Budapest Convention') on legislation, domestic and international investigations, public and private cooperation, and the strengthening of criminal just
The Office of the Commissioner for Personal Data Protection ('the Commissioner') announced, on 10 July 2020, that the European Union Schengen Committee ('the Schengen Committee') made a positive assessment of the data protection sector in Cyprus.
The European Commission ('the Commission') announced, on 10 July 2020, that it had adopted a set of guidance to help traders, online platforms, and search engines get the most out of Regulation (EU) 2019/1150 of 20 June 2019 on Promoting Fairness and Transparency for Business Users of Online Intermediation Services ('the Platform to Business Reg
The National Supervisory Authority for Personal Data Processing ('ANSPDCP') announced, on 9 July 2020, its decision to fine Proleasing Motors SRL RON 72,642 (approx.
The Danish data protection authority ('Datatilsynet') issued, on 30 June 2020, its decision ('the Decision') criticising Udbetaling Denmark for disclosure of the complainant's Social Security number and income information to the complainant's partner.
The National Institute of Standards and Technology ('NIST') released, on 9 July 2020, the second Draft NISTIR 8286 Integrating Cybersecurity and Enterprise Risk Management ('ERM') ('the Draft'), and is seeking comments on the same.
The Spanish National Cybersecurity Institute ('INCIBE') issued, on 9 July 2020, a blog post ('the Blog Post') informing about malware designed to display ads on the screen of any computer ('Adware'), usually for malicious purposes without user consent.
The Italian data protection authority ('Garante') announced, on 9 July 2020, that it had issued a decision ('the Decision') establishing the accreditation criteria for the bodies monitoring codes of conducts under the General Data Protection Regulation (Regulation (EU) 2016/679) ('GDPR').
The Ministry of Health and Welfare ('MOHW') released, on 9 July 2020, implementation measures for the maintenance of hospital personal data files ('the Maintenance Plan').
The Office of the Information and Privacy Commissioner of Alberta ('OIPC') released, on 9 July 2020, a report ('the Report') on its review of the Privacy Impact Assessment ('PIA') submitted by Alberta Health for the
Magellan Health, Inc. and its subsidiaries and affiliates announced, on 12 May 2020, that it was the victim of a criminal ransomware attack on 11 April 2020 in a notification to its consumers ('the Notification').
The European Medicines Agency ('EMA') announced, on 6 July 2020, that it had launched a public consultation on its network strategy to 2025 ('the Strategy').
The Office of the Privacy Commissioner of New Zealand ('OPCNZ') released, on 7 July 2020, a blog post on the Human Rights Review Tribunal's ('HRRT') decision not to award compensation in relation to a breach of the Health Information Privacy Code 1994 ('the Code') by IDEA Services.
The Federal Ministry of Health ('BMG') announced, on 3 July 2020, that the German Parliament ('Bundestag') has adopted the draft Patient Data Protection Act ('the Draft Act'), that had been adopted by the Federal Cabinet o
The Polish data protection authority ('UODO') announced, on 2 July 2020, that it had requested confirmation from Gemini Apps Sp. Z.o.o. on the processing of personal data relating to a service which allows searching for information on the availability and price of medicinal products and medical devices.
The Norwegian data protection authority ('Datatilsynet') announced, on 1 July 2020, its decision to impose a NOK 1,200,000 (approx.
The Bank of Japan ('BoJ') released, on 10 July 2020, a report on legal issues related to the use of customer information in financial services ('the Report'), produced by the BoJ Financial Research Institute.
The Financial Conduct Authority ('FCA') announced, on 8 July 2020, that the guidelines ('the Guidelines') on outsourcing to cloud service providers ('CSPs') issued by the European Insurance and Occupational Pen
The Swiss Financial Market Supervisory Authority ('FINMA') announced, on 7 July 2020, that, further to the implementation of the Financial Services Act of 15 June 2018 ('FinSA') and the Financial Institutions Act of 15 June 2018 ('FinIA'), it has decided to grant to the Organisme de Surveillance des Instituts Financiers ('OSIF'), based in Geneva
The National Bank of Tajikistan ('the National Bank') announced, on 6 July 2020, that it had developed, along with the Financial Monitoring Department and the International Finance Corporation, procedures for the remote identification of clients for low-risk products, in particular for transfer of electronic monetary funds.
The Financial Action Task Force ('FATF') published, on 7 July 2020, two reports on so-called stablecoins ('the Stablecoins Report') and virtual assets ('the Virtual Assets Report'), following the meeting of the 2020 virtual plenary.
The European Commission ('the Commission') announced, on 2 July 2020, that it has sent letters of formal notice to Luxembourg, Slovakia, and Slovenia urging them to correctly transpose the Fourth Anti-money Laundering Directive (Directive (EU) 2015/849) ('the 4th AML Directive').
The Financial Markets Authority ('AMF') published, on 2 July 2020, a report ('the Report') mapping the most important risks for 2020 in light of the COVID-19 ('Coronavirus') epidemic.
The Bank for International Settlements ('BIS') announced, on 2 July 2020, that the Basel Committee on Banking Supervision ('the Basel Committee') had amended its Sound Management of Risks Related to Money Laundering and Financing of Terrorism ('the AML/CFT Guidelines') which introduce measures for cooperation and information exchange among prude