Support Centre

Dashboard

Design, optimise and maintain today

Monitor regulatory developments, mitigate risk and achieve global compliance with the full OneTrust DataGuidance platform

Privacy Today

The French data protection authority ('CNIL') announced, on 28 February 2020, its decision ('the Decision') taken, on 20 February 2020, to partially close proceedings against S.A.S.

The Office for Personal Data Protection ('UOOU') published, on 27 February 2020, its 2020 control plan ('the Plan'), which focuses on checks on the compliance of emerging technologies.

The Spanish National Cybersecurity Institute ('INCIBE') issued, on 27 February 2020, a blog post ('the Blog Post') on cybersecurity in the e-commerce sector.

The UK Government published, on 27 February 2020, a report ('the Report') on the UK's approach to its future relationship with the EU, which contains information on data adequacy.

The Centre for Cyber Security ('CFCS') published, on 28 February 2020, its threat assessment for companies and authorities on hacker attacks ('the Threat Assessment').

The Office of the Data Protection Ombudsman announced, on 13 January 2019, that the Deputy Data Protection Ombudsman ('the Deputy Ombudsman'), had issued a decision in a case in which an individual had complained to the Deputy Ombudsman that he had not been informed by the data controller that a phone call had been recorded ('the Decision').

The Office of the Australian Information Commissioner ('OAIC') released, on 28 February 2020, its notifiable data breaches report for the period of 1 July 2019 to 31 December 2019 ('the Report').

The Dutch data protection authority ('AP') announced, on 28 February 2020, that it had sent a letter ('the Letter') to INSOLAD, a specialist association for insolvency lawyers, clarifying the rules for dealing with personal data in the event of bankruptcy of an organisation, and published guidance ('the Guidance') on the same.

The Spanish data protection authority ('AEPD') issued, on 27 February 2020, a blog post ('the Blog Post') on consent under the General Data Protection Regulation (Regulation (EU) 2016/679) ('GDPR'). In particular, the Blog Post addresses the conditions for obtaining valid consent under the GDPR.

The Danish data protection authority ('Datatilsynet') announced, on 27 February 2020, that it had issued a decision ('the Decision') against Intervare A/S for failing to notify data subjects following a data breach, as required by Article 34 of the General Data Protection Regulation (Regulation (EU) 2016/679) ('GDPR').

The National Cybersecurity Center of Excellence ('NCCoE') announced, on 7 February 2020, that it has issued a Federal Register notice ('the Notice') seeking feedback on its latest project on Protecting Information System Integrity in Industrial Control System Environments ('the Project').

The Danish data protection authority ('Datatilsynet') announced, on 27 February 2020, that it had issued a decision ('the Decision') against Nemlig.com A/S for failing to notify data subjects following a data breach, as required by Article 34 of the General Data Protection Regulation (Regulation (EU) 2016/679) ('GDPR').

The European Commission ('the Commission') announced, on 27 February 2020, that it had reached an agreement with the Organisation for Economic Co-operation and Development ('OECD') in order to jointly monitor global artificial intelligence ('AI') developments, following the

The Tennessee Orthopaedic Alliance ('TOA') notified, on 14 February 2020, the U.S. Department of Health & Human Services Office for Civil Rights ('OCR') of a data breach affecting 81,146 of its current and former patients, which the OCR is now investigating.

Aveanna Healthcare, LLC. announced, on 18 February 2020, a data breach affecting 116,077 of its patients, of which the U.S. Department of Health & Human Services Office for Civil Rights ('OCR') was notified on 14 February 2020.

The Rhineland-Palatinate data protection authority ('LfDI Rheinland-Pfalz') launched, on 25 February 2020, its initiative ('the Initiative') with the Rhineland-Palatinate Association of Statutory Health Insurance Physicians ('KVRLP') to produce assistance materials for implementing data protection in medical and psychotherapeutic practices.

The Office of the Privacy Commissioner for Personal Data ('PCPD') published, on 26 February 2020, a statement ('the Statement') relating to the use of personal data from social media platforms for the purpose of tracking potential carriers of the novel coronavirus ('COVID-19').

NCH Healthcare System, Inc. notified, on 17 February 2020, the U.S. Department of Health & Human Services' Office for Civil Rights ('OCR') of a data breach affecting 63,581 NCH members.

The Office for Personal Data Protection ('UOOU') released, on 24 February 2020, a statement ('the Statement') on the duties related to reporting security breaches in the healthcare sector.

The Ministry of Food and Drug Safety ('MFDS') released, on 25 February 2020, a notice on improving the review processes for medical devices ('the Notice') and revised guidelines for mobile medical apps ('the Revised Guidelines').

The European Union Agency for Cybersecurity ('ENISA') announced, on 24 February 2020, that it had published guidelines ('the Guidelines') on cybersecurity in the context of procurement of services, products, and infrastructure by hospitals.

The Organisation for Economic Co-operation and Development's ('OECD') Global Forum on Transparency and Exchange of Information for Tax Purposes ('the Global Forum') published, on 26 February 2020, a statement ('the Statement') announcing that the Global Forum and the Italian Revenue Agency ('the Agency') carried out an onsite visit in Tirana fro

The Department of Internal Affairs released, on 26 February 2020, four guidance videos ('the Videos') to assist businesses with understanding the Anti-Money Laundering and Countering Financing of Terrorism Act 2009 ('the AML/CFT Act').

The Eurasian Group ('EAG') announced, on 7 February 2020, that it had approved the anti-money laundering and countering the financing of terrorism ('AML/CFT') Executive Summary and Mutual Evaluation Report of the Republic of Belarus ('the Report') in November 2019.

The EU Blockchain Observatory and Forum announced, on 26 February 2020, that it had published its report on Blockchain and the Future of Digital Assets ('the Report') within its newsletter ('the Newsletter').

The Bank of Canada ('the Bank') published, on 25 February 2020, a Report ('the Report') on Contingency Planning for a Central Bank Digital Currency ('CBDC') stating that it will be implementing a portfolio of initiatives designed to prepare for the future of money and payments, and to be ready for different unpredictable possible scenarios.

The Financial Services Regulatory Authority ('FSRA') of the Abu Dhabi Global Market ('ADGM') announced, on 24 February 2020, that it had updated its virtual asset regulatory framework which includes amendments to the FSRA Regulations and FEES Rules (Virtual Assets) ('the Regulations') and the FSRA Rules (Virtual Assets) ('the Rules').

The Financial Services Commission ('FSC') released, on 25 February 2020, its plan for FinTech and digital finance innovation and development for 2020 ('the FinTech Plan'), following the release of the FSC's business plan for 2020.

The Federal Deposit Insurance Corporation's ('FDIC') technology lab ('FDiTEch') released, on 24 February 2020, a guide for third parties ('the Guide') on the environment in which banks operate and navigate the requirements unique to banking.