Upgrade to a premium account to save this to your customizable Workspace
Create an account
Join our community for free to access exclusive whitepapers, reports, and regulatory information.
Cybersecurity
The Personal Information Protection Committee ('PIPC') announced, on 27 October 2021, that it had imposed a fine of KRW 19.025 million (approx. €14,000) to a pharmaceutical operator for violation of the Personal Information Protection Act 2011 (as amended 2020) ('PIPA').
The Personal Information Protection Committee ('PIPC') announced, on 27 October 2021, that it had imposed a fine of KRW 300,000 (approx. €220) to Yonsei Medical Centre for violation of the Personal Information Protection Act 2011 (as amended 2020) ('PIPA').
The Personal Information Protection Committee ('PIPC') announced, on 27 October 2021, that it had imposed a fine of KRW 300,000 (approx. €220) to Moonwon Medical Foundation Seoul Hospital for violation of the Personal Information Protection Act 2011 (as amended 2020) ('PIPA').
The Shanghai Municipal People's Government ('SMPG') requested, on 30 September 2021, public comments on the new Shanghai Draft Data Regulations.
The Jersey Data Protection Authority ('JDPA') issued, on 19 October 2021, a public statement, whereby it announced a reprimand to the Planning and Building Control Department of the Government of Jersey for contravening Article 8(1)(f) of the Data Protection (Jersey) Law 2018.
The Personal Information Protection Committee ('PIPC') announced, on 27 October 2021, that it had imposed a fine of KRW 1.65 million (approx. €1,210) to Korean Medical Association for violation of the Personal Information Protection Act 2011 (as amended 2020) ('PIPA').
The Ministry of Industry and Information Technology ('MIIT') launched, on 1 September 2021, its new Cyber Threat and Vulnerability Information Sharing Platform.
The Baden-Württemberg data protection authority ('LfDI Baden-Württemberg') published, on 27 October 2021, a new guide to video conference systems.
The Danish data protection authority ('Datatilsynet') announced, on 27 October 2021, that it had published guidance on its website on the use of personal data for developing and testing IT systems.
The Jersey Office of the Information Commissioner ('JOIC') announced, on 21 October 2021, the issuance, on the same day, of a public statement by the Jersey Data Protection Authority ('JDPA'), whereby it imposed a reprimand to the Children's Services of the Government of Jersey for contravening Article 8(1)(f) of the Data Protection (Jersey) Law
The Personal Information Protection Committee ('PIPC') announced, on 27 October 2021, that it had imposed a fine of KRW 1.06 million (approx. €780) to Banobagi Plastic Surgery Clinic, for violation of the Personal Information Protection Act 2011 (as amended 2020) ('PIPA').
The Uruguayan data protection authority ('URCDP') announced, on 22 October 2021, that it has launched a new breach notification portal.
The Ministry of Industry and Information Technology ('MIIT') issued, on 25 October 2021, guidelines for the construction of the basic security standard system of the Internet of Things ('IoT') (2021 Edition).
The Privacy Commissioner for Personal Data ('PCPD') announced, on 21 October 2021, that it had successively received data breach notifications from Fimmick CRM Limited and its corporate clients since 4 October 2021, notifyng that Fimmick had been attacked by ransomware in September causing leakage of processed personal data.
The Norwegian data protection authority ('Datatilsynet') issued, on 18 October 2021, a fine of NOK 4 million (approx.
The Information Technology Industry Council ('ITI') announced, on 25 October 2021, that it had submitted comments to the U.S.
Global Cybersecurity Laws
Global Cybersecurity Laws
- There is a requirement in place.
- Click to view information for additional detail.
- There is no requirement in place.
- title
- Governing Texts
- Implementation of a framework
- Training and Awareness
- Risk Assessments
- Vendor Management
- Accountability
- title
- Data Security
- Notification of Cybersecurity Incidents
- Registration with authority
- Appointment of a security officer
- Sector Specific
- Penalties
Continue reading on DataGuidance with:
Free Member
Limited ArticlesCreate an account to continue accessing select articles, resources, and guidance notes.
Already have an account? Log in
NIS Directive
NIS Directive
- There is a requirement in place.
- Click to view information for additional detail.
- There is no requirement in place.
- Governing Texts
- Specific legislation
- Regulatory authority guidance
- Scope of Application
- Network and information systems
- Critical Information Systems
- Operator of Essential Services
- Cloud Computing Services
- Digital Service Providers
- Requirements
- Security Measures
- Notification
- Registration
- Security Officer
- Other
- title
- Penalties
Continue reading on DataGuidance with:
Free Member
Limited ArticlesCreate an account to continue accessing select articles, resources, and guidance notes.
Already have an account? Log in
US State Cybersecurity Laws
US State Cybersecurity
- There is a requirement in place.
- Click to view information for additional detail.
- There is no requirement in place.
- title
- Governing Texts
- title
- Scope of Application
- General Requirements
- Cybersecurity framework
- Notification
- Security Officer
- Other
- Sectoral
- Insurance
- Health
- Financial
- title
- Penalties
Continue reading on DataGuidance with:
Free Member
Limited ArticlesCreate an account to continue accessing select articles, resources, and guidance notes.
Already have an account? Log in
