How your organization responds and gets back to work in the wake of the Coronavirus can be tricky. We have research and guidance compiled to help you think about privacy in a global pandemic.
The Belgian Data Protection Authority ('the Belgian DPA') issued, on 14 July 2020, a decision in which it fined Google Belgium SA €600,000, its highest fine to date, following Google's refusal of a Belgian citizen's request to be dereferenced from outdated articles considered to be seriously damaging to their reputation, as well as a lack of tra
The Moroccan data protection authority ('CNDP') published, on 10 July 2020, Deliberation No. D-120-2020 of 8 July 2020 ('the Deliberation'), which focuses on the implementation of an architecture of identifiers which complies with data protection and privacy requirements in the context of increasing digitalisation.
The European Union Aviation Safety Agency ('EASA') announced, on 13 July 2020, that it had approved amendments to the rules related to product certification in ED Decision 2020/006/R ('the Decision'), in order to increase cybersecurity protection of large aeroplanes and rotorcraft.
The Ministry of Health ('MoH') issued, on 9 July 2020, Resolution No. 38 for 2020 ('the Resolution') regarding health requirements and procedures that must be followed in commercial and industrial places to contain and prevent the spread of the COVID-19 ('Coronavirus').
The Italian data protection authority ('Garante') announced, on 13 July 2020, that it had issued a decision ('the Decision') fining Merlini s.r.l.
The National Assembly published, on 13 July 2020, a bill ('the Bill') aiming at transposing EU law on economic and financial measures, which has been adopted by the Senate and has received its first reading by the National Assembly.
The House of Lords Select Committee on Science and Technology ('the Select Committee') published, on 13 July 2020, its eighth summary ('the Summary') of its oral evidence sessions regarding COVID-19 ('Coronavirus') contact tracing and data ethics.
The Federal Trade Commission ('FTC') announced, on 13 July 2020, that it had finalised a settlement ('the Settlement') with Ortho-Clinical Diagnostics, Inc. over allegations that it had misled consumers about its participation in the EU-US Privacy Shield ('the Privacy Shield'), even after its certification had lapsed in 2018.
The Italian data protection authority ('Garante') announced, on 13 July 2020, that it had issued a decision ('the Decision') fining Iliad Italia S.p.A.
The National Cyber Security Centre ('NCSC') launched, on 13 July 2020, the home and remote working exercise ('the Exercise') to help small businesses test their cyber resilience while staff work remotely due to the COVID-19 ('Coronavirus') pandemic.
The Ministry of Internal Affairs and Communications of Japan ('MIC') announced, on 14 July 2020, that it had launched a professional consultation on security measures related to teleworking ('the Consultations').
The Colombian data protection authority ('SIC') announced, on 10 July 2020, that it had fined Cifin S.A.S. COP 702,000,000 (approx. €171,400) for including information that was not of a financial or credit nature in the credit history of 288,753 Colombians.
The Norwegian data protection authority ('Datatilsynet') announced, on 9 July 2020, that, further to a breach notification it had received from University Hospital of Northern Norway HF regarding the incorrect publication of mailing lists on the hospital's website, it has sent a letter ('the Letter') requesting an official response from Universi
The Ministry of Health and Welfare ('MOHW') released, on 9 July 2020, implementation measures for the maintenance of hospital personal data files ('the Maintenance Plan').
The Office of the Information and Privacy Commissioner of Alberta ('OIPC') released, on 9 July 2020, a report ('the Report') on its review of the Privacy Impact Assessment ('PIA') submitted by Alberta Health for the
Magellan Health, Inc. and its subsidiaries and affiliates announced, on 12 May 2020, that it was the victim of a criminal ransomware attack on 11 April 2020 in a notification to its consumers ('the Notification').
The European Medicines Agency ('EMA') announced, on 6 July 2020, that it had launched a public consultation on its network strategy to 2025 ('the Strategy').
The Office of the Privacy Commissioner of New Zealand ('OPCNZ') released, on 7 July 2020, a blog post on the Human Rights Review Tribunal's ('HRRT') decision not to award compensation in relation to a breach of the Health Information Privacy Code 1994 ('the Code') by IDEA Services.
The Federal Ministry of Health ('BMG') announced, on 3 July 2020, that the German Parliament ('Bundestag') has adopted the draft Patient Data Protection Act ('the Draft Act'), that had been adopted by the Federal Cabinet o
The Polish data protection authority ('UODO') announced, on 2 July 2020, that it had requested confirmation from Gemini Apps Sp. Z.o.o. on the processing of personal data relating to a service which allows searching for information on the availability and price of medicinal products and medical devices.
The Financial Services Commission ('FSC') published, on 13 July 2020, a manual ('the Manual') and licence mechanism ('the Licence Mechanism') for access and use of the credit information management platform 'MyData.' In particular, the Manual sets out the general requirements that a financial company or FinTech will be required to meet, by provi
The Belgian Data Protection Authority ('the Belgian DPA') published, on 10 July 2020, its opinion on the draft law on offering payment plans for a maximum period of six months to consumers who suffered a loss of revenue due to the economic consequences of the COVID-19 ('Coronavirus') pandemic.
The European Parliament ('the Parliament') announced, on 10 July 2020, that it had adopted a resolution (the Resolution') on the European Commission's ('the Commission') Communication on an Action Plan for a Comprehensive Union Policy on Preventin
The Ministry of Finance announced, on 8 July 2020, that a formal Memorandum of Understanding ('MoU') had been signed between the Central Bord of Direct Taxes ('CBDT') and the Securities and Exchange Board of India ('SEBI') for data exchange between the two organisations.
The Financial Markets Authority ('AMF') published, on 7 July 2020, its position paper ('the Paper') in response to the European Commission's New Digital Finance Strategy for Europe/FinTech Action Plan, while also providing detailed prop
The Bank of Japan ('BoJ') released, on 10 July 2020, a report on legal issues related to the use of customer information in financial services ('the Report'), produced by the BoJ Financial Research Institute.
The Financial Conduct Authority ('FCA') announced, on 8 July 2020, that the guidelines ('the Guidelines') on outsourcing to cloud service providers ('CSPs') issued by the European Insurance and Occupational Pen
The Swiss Financial Market Supervisory Authority ('FINMA') announced, on 7 July 2020, that, further to the implementation of the Financial Services Act of 15 June 2018 ('FinSA') and the Financial Institutions Act of 15 June 2018 ('FinIA'), it has decided to grant to the Organisme de Surveillance des Instituts Financiers ('OSIF'), based in Geneva