Support Centre

Dashboard

COVID-19 Resources

How your organization responds and gets back to work in the wake of the Coronavirus can be tricky. We have research and guidance compiled to help you think about privacy in a global pandemic.

Privacy Today

The European Commission ('the Commission') announced, on 9 July 2020, that it had issued a Communication on Readiness at the End of the Transition Period between the European Union and the United Kingdom ('the Communication').

The French data protection authority ('CNIL') published, on 10 July 2020, a practical guide ('the Guide') and a collection of common procedures ('the Procedures') to help organisations in dealing with requests from authorised third parties involving transmission of documents and/or information which may include personal data.

The European Data protection Board ('EDPB') announced on Twitter, on 10 July 2020, that it had released the final version of its Guidelines 5/2019 on the Criteria of the Right to be Forgotten in Search Engines Cases under the GDPR ('the Guidelines'),

The Norwegian data protection authority ('Datatilsynet') announced, on 10 July 2020, that it had adopted a final decision ('the Decision') to fine the Municipality of Rælingen NOK 500,0000 (approx €46,660) for the processing of children's health data relating to disability by the digital learning platform Showbie, further to

The Polish data protection authority ('UODO') announced, on 10 July 2020, its decision to fine East Power Sp. z o.o. PLN 15,000 (approx. €3,400) for failure to provide the UODO with access to personal data and other information necessary to carry out its tasks.

The European Union Agency for Network and Cybersecurity ('ENISA') announced, on 10 July 2020, that it had issued its 2019 annual report ('the Annual Report') on trust services security incidents.

The Turkish data protection authority ('KVKK') announced, on 9 July 2020, a data breach suffered by Doctor Atadan Egemen Koyuncu. In particular, the KVKK highlighted that the data controller suffered a cyber attack on 5 July 2020 which affected the patient information system and that the violation was detected on the 6 July 2020.

The Council of Europe's ('CoE') Cybercrime Convention Committee issued, on 9 July 2020, a report ('the Report') illustrating the benefits and impact of the Budapest Convention on Cybercrime ('the Budapest Convention') on legislation, domestic and international investigations, public and private cooperation, and the strengthening of criminal just

The Office of the Commissioner for Personal Data Protection ('the Commissioner') announced, on 10 July 2020, that the European Union Schengen Committee ('the Schengen Committee') made a positive assessment of the data protection sector in Cyprus.

The European Commission ('the Commission') announced, on 10 July 2020, that it had adopted a set of guidance to help traders, online platforms, and search engines get the most out of Regulation (EU) 2019/1150 of 20 June 2019 on Promoting Fairness and Transparency for Business Users of Online Intermediation Services ('the Platform to Business Reg

The National Supervisory Authority for Personal Data Processing ('ANSPDCP') announced, on 9 July 2020, its decision to fine Proleasing Motors SRL RON 72,642 (approx.

The Danish data protection authority ('Datatilsynet') issued, on 30 June 2020, its decision ('the Decision') criticising Udbetaling Denmark for disclosure of the complainant's Social Security number and income information to the complainant's partner.

The National Institute of Standards and Technology ('NIST') released, on 9 July 2020, the second Draft NISTIR 8286 Integrating Cybersecurity and Enterprise Risk Management ('ERM') ('the Draft'), and is seeking comments on the same.

The Norwegian data protection authority ('Datatilsynet') announced, on 9 July 2020, that, further to a breach notification it had received from University Hospital of Northern Norway HF regarding the incorrect publication of mailing lists on the hospital's website, it has sent a letter ('the Letter') requesting an official response from Universi

The Ministry of Health and Welfare ('MOHW') released, on 9 July 2020, implementation measures for the maintenance of hospital personal data files ('the Maintenance Plan').

Magellan Health, Inc. and its subsidiaries and affiliates announced, on 12 May 2020, that it was the victim of a criminal ransomware attack on 11 April 2020 in a notification to its consumers ('the Notification').

The European Medicines Agency ('EMA') announced, on 6 July 2020, that it had launched a public consultation on its network strategy to 2025 ('the Strategy').

The Office of the Privacy Commissioner of New Zealand ('OPCNZ') released, on 7 July 2020, a blog post on the Human Rights Review Tribunal's ('HRRT') decision not to award compensation in relation to a breach of the Health Information Privacy Code 1994 ('the Code') by IDEA Services.

The Federal Ministry of Health ('BMG') announced, on 3 July 2020, that the German Parliament ('Bundestag') has adopted the draft Patient Data Protection Act ('the Draft Act'), that had been adopted by the Federal Cabinet o

The Polish data protection authority ('UODO') announced, on 2 July 2020, that it had requested confirmation from Gemini Apps Sp. Z.o.o. on the processing of personal data relating to a service which allows searching for information on the availability and price of medicinal products and medical devices.

The Financial Markets Authority ('AMF') published, on 7 July 2020, its position paper ('the Paper') in response to the European Commission's New Digital Finance Strategy for Europe/FinTech Action Plan, while also providing detailed prop

The Bank of Japan ('BoJ') released, on 10 July 2020, a report on legal issues related to the use of customer information in financial services ('the Report'), produced by the BoJ Financial Research Institute.

The Financial Conduct Authority ('FCA') announced, on 8 July 2020, that the guidelines ('the Guidelines') on outsourcing to cloud service providers ('CSPs') issued by the European Insurance and Occupational Pen

The Swiss Financial Market Supervisory Authority ('FINMA') announced, on 7 July 2020, that, further to the implementation of the Financial Services Act of 15 June 2018 ('FinSA') and the Financial Institutions Act of 15 June 2018 ('FinIA'), it has decided to grant to the Organisme de Surveillance des Instituts Financiers ('OSIF'), based in Geneva

The National Bank of Tajikistan ('the National Bank') announced, on 6 July 2020, that it had developed, along with the Financial Monitoring Department and the International Finance Corporation, procedures for the remote identification of clients for low-risk products, in particular for transfer of electronic monetary funds.

The Financial Action Task Force ('FATF') published, on 7 July 2020, two reports on so-called stablecoins ('the Stablecoins Report') and virtual assets ('the Virtual Assets Report'), following the meeting of the 2020 virtual plenary.

The European Commission ('the Commission') announced, on 2 July 2020, that it has sent letters of formal notice to Luxembourg, Slovakia, and Slovenia urging them to correctly transpose the Fourth Anti-money Laundering Directive (Directive (EU) 2015/849) ('the 4th AML Directive').

The Financial Markets Authority ('AMF') published, on 2 July 2020, a report ('the Report') mapping the most important risks for 2020 in light of the COVID-19 ('Coronavirus') epidemic.