CPRA

You need a data retention plan. No really.

And not just in the European Union. In California too.

Commission Nationale de l’Informatique et des Libertés (CNIL) has fined messaging platform

Continue Reading Make Sure You Have a Good Data Retention Plan. You Need It.

For deidentification under the traditional laws like HIPAA, removal of identifiers qualifies.

That was a key facet of what I discussed last week on an anonymization panel during the IAPP

Continue Reading Deidentification vs Anonymization: What Is Enough?

The California Privacy Protection Agency has revised (again) the CPRA regulations.

There are several edits, including some clarifications and removals simplicity of implementation “at this time.” The regulations also double

Continue Reading Revised California Privacy Rights Act Regulations Are Out: What You Need to Know.

While speaking recently at the Nordic Privacy Arena in Sweden, I offered Nordic companies seven things they should think about when doing business in the United States.

For your reading

Continue Reading 7 Things Nordic Companies Should Think About When Doing Business in the US

The Health Insurance Portability and Accountability Act of 1996 may be the most well-known privacy law in the United States, but it is also one of the most misunderstood.

Many

Continue Reading HIPAA Covers a Lot Less Than People Think. But Beware of Other US Privacy Laws.