Companies, lawyers, privacy officers, compliance managers, as well as human resources, marketing and IT professionals are increasingly facing privacy issues. While plenty of information is freely available, it can be difficult to grasp a problem quickly, without getting lost in details and advocacy. This is where Determann’s Field Guide to Data Privacy Law comes into its own – identifying key issues and providing concise practical guidance for an increasingly complex field shaped by rapid change in international laws, technology and society
The complexities of implementing the General Data Protection Regulation (GDPR) continue to grow as it progresses through new and ever-changing technologies, business models, codes of conduct, and decisions of the supervisory authorities, and the courts. This eminently practical guide to implementing the GDPR – written in an original, problem-solving style by a highly experienced data protection expert with equal knowledge of both law and technology – provides a step-by-step project management approach to building a GDPR-compliant data protection system, assessing, and documenting the risks and then implementing these changes through processes at the operational level. With detailed attention to case law (Member State, ECJ, and ECHR), especially where affecting high-risk areas that have attracted scrutiny, the guidance proceeds systematically through such topics and issues as the following: required documentation, policies, and procedures; risk assessment tools and analysis frameworks; children’s data; employee and health data; international transfers post-Schrems II; data subject rights including the right of access; data retention and erasure; tracking and surveillance; and effects of technologies such as artificial intelligence, biometrics, and machine learning. With its practical examples derived from the author’s experience in building GDPR-compliant software, as well as its analysis of case law and enforcement priorities, this incomparable guide enables company data protection officers and compliance staff to advise on key issues with full awareness of the legal and reputational risks and how to mitigate them. It is also sure to be of immeasurable value to concerned regulators and policymakers at all government levels. “…it's going to be the go to resource for practitioners.” Tom Gilligan, Data Protection Consultant, September 2021 "I purchased this book recently and I’m very glad I did. It’s the textbook I have been waiting for. As someone relatively new to data protection, I was finding it very difficult to find books on the practical side of data protection. This book is very clearly laid out with practical examples and case law given for each topic, which is immensely helpful. I would recommend it to any data protection practitioners." Jennifer Breslin, LLM CIPP/E, AIPP Member
This comprehensive reference covers the laws governing every area where data privacy and security is potentially at risk -- including government records, electronic surveillance, the workplace, medical data, financial information, commercial transactions, and online activity, including communications involving children.
A survey of Data Privacy and Security Laws worldwide with helpful explanations. What do Target, Google, Apple and Samsung all have in common? If you answered multimillion dollar fines for data privacy violations, you¿d be right.But you don¿t have to be Google to face a crippling lawsuit that could threaten the future of your business. Written in accessible language by experienced US and internationally-qualified professionals, Data Privacy: A Practical Guide enables business people to develop a quick and sound understanding of a company¿s legal obligations to protect client data.This book answers questions like: Which are the key data privacy law standard-setting bodies in the US and internationally? To what extent does cross-border selling expose you to data privacy compliance risks in foreign countries? Can you effectively offload your legal responsibilities to protect customer data to outsourced third-party service providers like web hosts and payment processors? What are your legal obligations after discovering a data privacy breach? What legal risks are involved in Web-based file sharing services like Dropbox? At what stage must you appoint a Data Protection Officer? How to document your company¿s compliance with its data privacy policy? ...and many more. Concrete examples are introduced throughout the text and are annotated to illustrate the implications of applicable laws on data privacy policies. Essential summaries ensure that key applicable laws of the US, Canada, EU, Australia, and several emerging markets are taken into account when designing your company¿s data protection policies. We also provide specific recommended courses of action to follow to mitigate liability following a data privacy breach. If you are creating, managing or complying with data privacy policy in an organization, this book was written for you.
This concise, practical guide helps the advocate understand the sometimes dense rules in advising patients, physicians, and hospitals, and in litigating HIPAA-related issues.
Engineer privacy into your systems with these hands-on techniques for data governance, legal compliance, and surviving security audits. In Data Privacy you will learn how to: Classify data based on privacy risk Build technical tools to catalog and discover data in your systems Share data with technical privacy controls to measure reidentification risk Implement technical privacy architectures to delete data Set up technical capabilities for data export to meet legal requirements like Data Subject Asset Requests (DSAR) Establish a technical privacy review process to help accelerate the legal Privacy Impact Assessment (PIA) Design a Consent Management Platform (CMP) to capture user consent Implement security tooling to help optimize privacy Build a holistic program that will get support and funding from the C-Level and board Data Privacy teaches you to design, develop, and measure the effectiveness of privacy programs. You’ll learn from author Nishant Bhajaria, an industry-renowned expert who has overseen privacy at Google, Netflix, and Uber. The terminology and legal requirements of privacy are all explained in clear, jargon-free language. The book’s constant awareness of business requirements will help you balance trade-offs, and ensure your user’s privacy can be improved without spiraling time and resource costs. About the technology Data privacy is essential for any business. Data breaches, vague policies, and poor communication all erode a user’s trust in your applications. You may also face substantial legal consequences for failing to protect user data. Fortunately, there are clear practices and guidelines to keep your data secure and your users happy. About the book Data Privacy: A runbook for engineers teaches you how to navigate the trade-off s between strict data security and real world business needs. In this practical book, you’ll learn how to design and implement privacy programs that are easy to scale and automate. There’s no bureaucratic process—just workable solutions and smart repurposing of existing security tools to help set and achieve your privacy goals. What's inside Classify data based on privacy risk Set up capabilities for data export that meet legal requirements Establish a review process to accelerate privacy impact assessment Design a consent management platform to capture user consent About the reader For engineers and business leaders looking to deliver better privacy. About the author Nishant Bhajaria leads the Technical Privacy and Strategy teams for Uber. His previous roles include head of privacy engineering at Netflix, and data security and privacy at Google. Table of Contents PART 1 PRIVACY, DATA, AND YOUR BUSINESS 1 Privacy engineering: Why it’s needed, how to scale it 2 Understanding data and privacy PART 2 A PROACTIVE PRIVACY PROGRAM: DATA GOVERNANCE 3 Data classification 4 Data inventory 5 Data sharing PART 3 BUILDING TOOLS AND PROCESSES 6 The technical privacy review 7 Data deletion 8 Exporting user data: Data Subject Access Requests PART 4 SECURITY, SCALING, AND STAFFING 9 Building a consent management platform 10 Closing security vulnerabilities 11 Scaling, hiring, and considering regulations
A book for anyone wanting to know about data privacy laws. This is the 3rd edition of this Practical Guide and contains deeply insightful and practical information about data privacy laws around the world and what is required of businesses today and how to comply with the law.
This book provides expert advice on the practical implementation of the European Union’s General Data Protection Regulation (GDPR) and systematically analyses its various provisions. Examples, tables, a checklist etc. showcase the practical consequences of the new legislation. The handbook examines the GDPR’s scope of application, the organizational and material requirements for data protection, the rights of data subjects, the role of the Supervisory Authorities, enforcement and fines under the GDPR, and national particularities. In addition, it supplies a brief outlook on the legal consequences for seminal data processing areas, such as Cloud Computing, Big Data and the Internet of Things.Adopted in 2016, the General Data Protection Regulation will come into force in May 2018. It provides for numerous new and intensified data protection obligations, as well as a significant increase in fines (up to 20 million euros). As a result, not only companies located within the European Union will have to change their approach to data security; due to the GDPR’s broad, transnational scope of application, it will affect numerous companies worldwide.
Firms are collecting and analyzing customer data at an ever increasing rate in response to evidence that data analytics (precision targeting, improved selling) generates a positive return. Yet efforts often ignore customers’ privacy concerns and feelings of vulnerability with long-term effects on customers’ trust, relationships, and ultimately financial performance. Big data, privacy, and cybersecurity often is relegated to IT and legal teams with minimal regard for customer relationships. This book fills the void by taking a customer-centric approach to privacy. It offers both defensive and offensive marketing-based privacy strategies that strongly position firms in today’s data-intensive landscape. The book also helps managers anticipate future consumer and legislative trends. Drawing from the authors’ own work and extant research, this book offers a compelling guide for building and implementing big data- and privacy-informed business strategies. Specifically, the book: · -Describes the consumer psychology of privacy · -Deconstructs relevant legal and regulatory issues · - Offers defensive privacy strategies · - Describes offensive privacy strategies · Provides an executive summary with the Six Tenets for Effective Privacy Marketing This book will be useful to managers, students, or the casual reader who is interested in how and why big data and consumer privacy are transforming business. Moving beyond summary privacy insights, the book also offers a detailed and compelling action plan for improving performance by protecting against privacy threats as well as developing and implementing offensive privacy strategy. In the future, many firms will be competing through an integrated, customer-centric big data privacy strategy and this book will guide managers in this journey.
A detailed look at the General Data Protection Regulation (GDPR). Understand how to comply. Learn Quick Tips providing answers to your data privacy questions. Learn how to engage a data privacy officer, conduct direct marketing campaigns, create compliance documentation, choose a legal basis for collecting personal information, respond to data subject requests. Avoid costly fines and penalties by ensuring your company's activities comply. Learn about Data Privacy Impact Assessments, data mapping and data subject requests. Answers questions about obtaining consent, processing and retaining personal information. Do your company's direct marketing campaigns conflict with the GDPR? Learn how to create a data privacy compliance program. Included is a survey of all EU member states data privacy laws.
