Archives

GDPR Compliance

The Right to be Forgotten: Search Engines under the Recent CJEU cases

The further we evolve into a post-GDPR world, the more we are starting to see guidance come from a variety of sources. The European Data Protection Board (“EDPB”) continues to provide guidelines to fill in ambiguities in areas of the GDPR that are less clear. In addition, the Court of Justice of the European Union […]

An Active Summer for GDPR: Part II, Video Surveillance Data and the US CLOUD Act

In an effort to make sure everyone is up-to-date on the guidelines, decisions, and other relevant changes in European data protection, XPAN is providing a break down of what you may have missed over those relaxing summer months. Last week (available here), we provided a breakdown of the first of two plenary sessions held by […]

An Active Summer for GDPR: Part I, Codes of Conduct & Certification under the GDPR

As the summer is beginning to wind down, it is a good time to reflect on the last few months and to set priorities for the upcoming fall and winter months when it comes to a company’s security and privacy infrastructure. And, the EU authorities have had an active summer — giving companies in all […]

Beware of Potential Conflicts: Should Your Organization Appoint an IT Director as a Data Protection Officer?

**Reproduced from the International Journal for the Data Protection Officer, Privacy Officer, and Privacy Counsel, availabe here.  By Jordan L. Fischer, Esquire, Managing Partner, XPAN Law Group, LLC and Michael A. Shapiro, Esquire, XPAN Law Group, LLC Since the enactment of the European Union’s General Data Protection Regulation (the “Regulation”), the Data Protection Officer (“DPO”) […]

One Year Later: How are the Regulators Enforcing the GDPR?

We are coming up on the first anniversary of the European Union’s General Data Protection Regulation (“GDPR”), one of the most anticipated data protection regulations in recent memory. Love it, hate it, indifferent — regardless of your personal feelings, the GDPR made waves. It was the catalyst that caused companies across all industries to start […]

One Ring to Rule Them All

With large cyber breaches like Instagram, Target, and Equifax it isn’t a surprise that the National Association of Insurance Commissioners (NAIC) issued the Data Security Model Law (MDL-668) (the “Model Law”).  The Model Law heavily borrows from the New York Department of Financial Services (NYDFS) cybersecurity regulations that went into effect on March 1, 2017. […]

Look Before You Leap.. Privacy and Security in M&A Transactions

For those of us in the privacy and security area, the European Union’s General Data Protection Regulation (“GDPR“) has dramatically changed the landscape and the platform privacy and security enjoy both domestically and abroad.  The GDPR is driving much of the conversation around privacy and security but we have also seen a renaissance in privacy […]

Google’s First GDPR Appeal: What’s at Stake?

This post is authored by Matt Avellino, a second-year law student at Villanova University’s Charles Widger School of Law. Mr. Avellino is a legal-intern with the XPAN Law Group. Google is gearing up to appeal a €50 million privacy violation resulting from the French data protection agency, CNIL. Although the fine is miniscule when compared […]

Where are we now? Six Months Into the GDPR

On May 25, 2018, the European Union’s General Data Protection Regulation (“GDPR”) went into effect, and largely took the corporate world by surprise. In the ensuing six-plus months, the negative speculation on the impact of the GDPR has run rampant: it will destroy innovation, companies will be put out of business with extraordinary fines — […]

Rebecca Rakoski Periodical on Privacy in 2018 for Policy & Medicine’s Compliance Update

Rebecca L. Rakoski, Esq.’s periodical, ‘A Modern Renaissance Privacy in 2018 and Its Continuing Domestic Evolution,’ has been published in Policy & Medicine‘s Compliance Update.  Below is an excerpt from the article… These days, it seems that nearly every evolved country in the world recently passed a piece of sweeping privacy regulation. In a global […]