Authors: Alexa Smith, James Clark, Robyn Palmer, Jamie Sanderson

The UK Government has published its long-awaited ‘Data Protection and Digital Information Bill’. The Bill will reform areas of UK data protection and electronic privacy law, and will also introduce new regulatory frameworks, most notably in the field of digital identity
Continue Reading UK: New Data Protection and Digital Information Bill

Author: James Clark

The UK’s Department for Health and Social Care (“DHSC”) has published a major strategy document (‘Data saves lives: reshaping health and social care with data’) outlining the government’s plans for the regulation and use of data in healthcare.

In this post, we look at some of the most
Continue Reading UK: New National Strategy for Health Data

Authors: Carolyn Bigg, Venus Cheung, Fangfang Song, Gwyneth To

We have all been waiting for a confirmed approach on legitimising overseas transfers. Finally, we have a clear answer on what organisations need to do to transfer or access personal data and “important data” outside of Mainland China; and the message is
Continue Reading CHINA: Cross-border data transfers – what are your options?

Authors: Carolyn Bigg, Venus Cheung, Fangfang Song

The China draft SCCs have been published, but may not provide the easy approach to cross border transfers of Mainland China personal data we had hoped for. Requirements to file the SCCs or PIIA for each transfer with the regulator, to undertake mini transfer impact assessments
Continue Reading CHINA: Draft SCCs Released – Time to Focus on Overseas Data Transfers

The Italian privacy authority, the Garante, deemed that the use of Google Analytics results in unlawful transfers of personal data to the United States in violation of the principles outlined in the Schrems II ruling.

In Order No. 224 of June 9, 2022, the Italian data protection authority found that transfers of personal data
Continue Reading ITALY: the Garante aligns with CNIL and DSB holding that the use of Google Analytics leads to unlawful transfer of Personal Data

Authors: Denise Lebeau-Marianna, Tess Muckensturm and Divya Shanmugathas

Since our last post, the French Supervisory Authority (the “CNIL”) has published a Q&A and a post on June 7, 2022 regarding Google Analytics, where it highlights the key points of its formal notices and gives some practical advice to website operators.

  1. Lessons to be drawn


Continue Reading FRANCE: The CNIL provides further insights following its formal notices against the use of Google Analytics

The UK ICO has published its AI and data protection risk toolkit (the “Toolkit”). The Toolkit is designed to provide practical support to organisations using AI systems which may involve the processing of personal data. It builds on the ICO’s earlier guidance on AI and data protection, published in July 2020.

The
Continue Reading UK: ICO publishes AI and Data Protection risk Toolkit

On 8 March 2022, The Data Protection Act 2018 (Access Modification) (Health) Regulations 2022 (“the 2022 Regulations”) came into force, revoking and replacing the Data Protection (Access Modification) (Health) Regulations 1989 (the “1989 Regulations”). The new 2022 Regulations will have an impact on organisations that process health data (i.e. physical and mental health
Continue Reading Ireland: Employers can now process Data Subject Access Requests without advice of health service providers

The European Council and the European Parliament have agreed on measures for a high common level of cybersecurity across the EU (the “NIS2”).

Once adopted, NIS2 will replace the current Directive on Security of Network and Information Systems (“NIS Directive”). NIS2 will introduce a number of changes, including bringing more sectors
Continue Reading Europe: One step closer towards the adoption of NIS2

Organisations engaging in cross border transfers of personal data may now rely on the Recommended Model Contractual Clauses (RMCs), recently published by the Privacy Commissioner for Personal Data (PCPD).

The two sets of RMCs are intended for controller to controller transfers, and controller to processor transfers. The RMCs may be used in:

  • cross border transfers


Continue Reading Hong Kong: Newly published Model Contractual Clauses