Virginia Consumer Data Protection Act: What you need to know
As consumers become more interested in the privacy of their personal data online, more and more states are proposing and passing their own privacy bills. These bills provide consumers with certain privacy rights, require websites to have a Privacy Policy that makes very specific disclosures, and impose heavy fines for
Why a static Privacy Policy is not a good idea
Let’s face it, as a species, we do not deal well with change. We all have a favorite restaurant, a favorite meal, and a favorite pair of jeans that we would probably enjoy forever if we could. Also, there’s a certain satisfaction in completing an arduous task such as creating
Is your WordPress Privacy Policy compliant?
Whether you are building a website for yourself or for a client, you have probably run into WordPress. WordPress is a free and open source content management solution that can be used to build websites with a wide variety of features, from a simple blog to a complex online store
Privacy Policies for law firms
Law firms and lawyers are no strangers to compliance requirements – you watch your CLE’s, make sure that you renew your license registration, and advise your clients on legal entities, contracts, and business licenses. However, an important compliance requirement that often falls through the cracks is the law firm Privacy
Cybersecurity through balanced information security policies
Simply defined, personally identifiable information (PII) is any information that can be used to identify a particular person. Examples include an individual’s full name, Social Security number, driver’s license or ID number, passport number, bank account numbers, e-mail addresses, IP addresses, and geolocation information. In 2008, Illinois led the way
CCPA toll-free phone number requirement
The CCPA: California Consumer Privacy Act provides consumers with the opportunity to make a number of requests to businesses that collect personally identifiable information (“PII”). Specifically, consumers may request that the business disclose what PII has been collected, what PII has been sold, and take action to delete the consumer’s
Who is exempt from PIPEDA?
The Personal Information Protection and Electronic Documents Act (PIPEDA) is a privacy law that protects the Personally Identifiable Information (PII) of Canadians. PIPEDA has strict restrictions on the collection, use, and disclosure of this PII, including requiring Privacy Policy disclosures, privacy rights for Canadians, and the requirement to follow the
GDPR: Transferring data outside of the European Union
The General Data Protection Regulation (“GDPR”) requires a data controller to implement safeguards to protect the personal data of residents in the European Union (“EU”). When an organization transfers data outside of the EU, it must follow the requirements of the GDPR. In this guide, we will explain: What are
PIPEDA Fair Information Principle: Accountability
The Personal Information Protection and Electronic Documents Act (PIPEDA) is a privacy law that protects the Personally Identifiable Information (PII) of Canadians. The law achieves this goal by prescribing how PII can be collected, used and disclosed via the ten PIPEDA Fair Information Principles. In this article, we will discuss
PIPEDA Fair Information Principles: Individual Access
The Personal Information Protection and Electronic Documents Act (PIPEDA) is a privacy law that was enacted to protect the privacy rights of residents of Canada. The right to access one’s personal information is the hallmark of national and international privacy laws. In this blog post, we will explore the rights
PIPEDA Fair Information Principles: Limiting Collection
In an effort to give individuals control over how their information is handled by private organizations, many countries that have enacted comprehensive privacy laws that include a collection limitation principle. In this article, we will look at how Canada’s privacy law, The Personal Information Protection and Electronic Documents Act (PIPEDA),
GDPR creating data flow maps
The General Data Protection Regulation (“GDPR”) allows residents in the European Union (“EU”) to have control over their data. Under the GDPR, a controller must maintain an internal record of all its processing activities. In addition, the controller must make the record available to a supervisory authority upon request. In
