CPRA

The United Kingdom’s Information Commissioner’s Office recently issued guidance on how to keep employment records.

This is good advise for employers beyond Europe (and particularly in California). The data

Continue Reading Information Commissioner’s Office Issues Guidance on How to Keep Employment Records: What You Need to Know

“The times they are a-changin’,” Bob Dylan sang almost 60 years ago. And when it comes to consumers’ reasonable expectations of privacy, they are still a-changin.

I recently participated in

Continue Reading US Privacy Laws and Legislation: What You Need to Know

You need a data retention plan. No really.

And not just in the European Union. In California too.

Commission Nationale de l’Informatique et des Libertés (CNIL) has fined messaging platform

Continue Reading Make Sure You Have a Good Data Retention Plan. You Need It.

For deidentification under the traditional laws like HIPAA, removal of identifiers qualifies.

That was a key facet of what I discussed last week on an anonymization panel during the IAPP

Continue Reading Deidentification vs Anonymization: What Is Enough?

The California Privacy Protection Agency has revised (again) the CPRA regulations.

There are several edits, including some clarifications and removals simplicity of implementation “at this time.” The regulations also double

Continue Reading Revised California Privacy Rights Act Regulations Are Out: What You Need to Know.