Colorado’s final CPA rules are here.
There aren’t too many changes from the track changes version that was published a month ago, but here some key points:
The Colorado Privacy Act: What is New in the Final Version of the Rules?
US Privacy Laws and Legislation: What You Need to Know
“The times they are a-changin’,” Bob Dylan sang almost 60 years ago. And when it comes to consumers’ reasonable expectations of privacy, they are still a-changin.
I recently participated in
Continue Reading US Privacy Laws and Legislation: What You Need to KnowRevised Colorado CPA Rules Are Here: What You Need to Know
- What are the pros
Deidentification vs Anonymization: What Is Enough?
For deidentification under the traditional laws like HIPAA, removal of identifiers qualifies.
That was a key facet of what I discussed last week on an anonymization panel during the IAPP
Continue Reading Deidentification vs Anonymization: What Is Enough?Are You Using Dashcams to Monitor Employees and Customers? Be Careful.
If you are using dashcams to monitor employees and customers, you need to be careful.
A recent finding from the Office of the Privacy Commissioner of Canada offers good guidance
Continue Reading Are You Using Dashcams to Monitor Employees and Customers? Be Careful.HIPAA Covers a Lot Less Than People Think. But Beware of Other US Privacy Laws.
The Health Insurance Portability and Accountability Act of 1996 may be the most well-known privacy law in the United States, but it is also one of the most misunderstood.
Many
Continue Reading HIPAA Covers a Lot Less Than People Think. But Beware of Other US Privacy Laws.Beware the Motive Behind a Data Access Request
If you are filing a data access request and it is clear that the intention is something other than finding out whether the processing of the data was lawful, the
Continue Reading Beware the Motive Behind a Data Access Request
What’s Data Minimization? As the Saying Goes, You’ll ‘Know It When (You) See It’
What do obscenity and data minimization have in common?
As Justice Potter Stewart famously wrote in his concurring opinion to the U.S. Supreme Court’s decision in the 1964 free speech
Continue Reading What’s Data Minimization? As the Saying Goes, You’ll ‘Know It When (You) See It’
Clear & Concise and Everything Nice: What the IMY Decision Means for Your Privacy Notice
What can we learn about disclosures and how to draft privacy notices from the Sweden IMY decision? And why is it important for both GDPR companies and CPRA, CDPA, CPA
Continue Reading Clear & Concise and Everything Nice: What the IMY Decision Means for Your Privacy Notice
Anonymization Governance: Why It’s Important for GDPR and for CPRA
The United Kingdom’s Information Commissioner’s Office has issued draft guidance regarding governance and anonymization.
What does it mean for GDPR and for the host of new US Privacy laws, including
Continue Reading Anonymization Governance: Why It’s Important for GDPR and for CPRA