Data Purpose Can Make All the Difference

Associating data with a business purpose and not a commercial purpose can permit greater data sharing, and avoid the application of the CCPA altogether.  What is the difference between a business purpose and a commercial purpose under the CCPA and why is it important?  In short, the difference is one of what realm of things…
Read more

How CCPA Affects Healthcare

How Does CCPA Affect Healthcare Privacy?

Author: Ethan Heilig For the last two decades, the Healthcare Insurance Portability and Accountability Act (HIPPA) has been the policy that regulated healthcare data in the U.S by making it illegal to share medical information with people or organizations that the patient did not preapprove. However, the scope of data protected by HIPPA is limited.…
Read more

Why Email Shouldn’t be Used to Manage DSARs

Data Subjects Access Requests (DSARs) have been on the rise since the European Commission gave the nod to the General Data Protection Regulation (GDPR). There are many things to consider when your company receives a DSAR, including verifying the requestor’s identity, reviewing the information requested, and redacting any information related to other people.  However, one…
Read more

Risks to Be Considered When Responding to DSAR

Magnacrest, a Buckinghamshire-based housing developer, was fined for failure to comply with data subject access requests. This incident serves as a fresh reminder for businesses about the public’s right to review all the personal data that gets processed. While the Magnacrest investigation predated the General Data Protection Regulation and resulted in a small fine, the Information Commissioner’s…
Read more

California Consumer Protection Act CCPA Checklist

Checklist to Verify Whether the California Consumer Protection Act (CCPA) Applies to Your Company

The strongest set of data protection rules to date – GDPR – came into effect across the European Union on May 25, 2018. The intent was to modernize laws protecting the private information of individuals. But what the General Data Protection Regulation (GDPR) really did was pave the way for the implementation of similar regulations…
Read more