Implementing an Effective E-Signature Program

Electronic commerce has exploded over the past decade, bringing with it a host of new laws related to business transactions using modern technology and communication. Of note are those related to the use of electronic signatures. E-Signature policies are increasingly being adopted by businesses to save significant time and money by eliminating the manual back-and-forth of routing paper documents and reducing the time needed for signature and approvals.
Read More

Governing the Data Protection Practices of Third Parties

The imminent enforcement date of the GDPR has the technical world scrambling for compliance across all aspects of every enterprise. While many have begun to incorporate the guiding principles of "Controller" and "Processor" into their operational practices,  some Controllers may not yet have considered how their Processor's Processors handle relevant data.
Read More

GDPR Readiness - or Not

With the May 25th compliance deadline for the EU’s General Data Protection Regulation (GDPR) rapidly approaching, GDPR compliance and enforcement issues are top of mind for the Legal community. The adoption of the General Data Protection Regulation (GDPR) sets a high bar in the protection of personal data. The Regulation was designed to give citizens control of their personal data and address the disruption to data privacy fashioned by the rapid evolution of information technology over the past 20 years. The publication of the official text in 2016 provided organizations located in, and those doing business in the EU, time to review and prepare for the upcoming compliance deadline of May 25, 2018.
Read More

GDPR's Protections for the Transfer of PII

Europe's General Data Protection Regulation (GDPR), operative May 25, 2018, governs not just how your company protects the personally identifying information (PII) of EU citizens and residents, but also from whom. The rule clarifies that mandatory PII protections extend beyond local data storage and usage to also include data transfer across borders to third parties and beyond. Your obligation to keep your EU data safe now requires you to also ensure that it will remain safe wherever and with whomever it ultimately ends up.
Read More

Controllers and Processors: How the GDPR Assigns Responsibilities

If your U.S.-based company receives data (is a "data collector") from European Union (EU) citizens or residents, it must comply with the incoming GDPR - the EU's General Data Protection Regulation. That regulation divides "data collectors" into one of two categories: "Controllers" or "Processors." Determining which role best defines your corporate data-collection activities will also guide the development of your GDPR-compliant PII management systems.  
Read More

GDPR and the Expanding Concept of "Citizen"

Europe's General Data Protection Regulation (GDPR) establishes a fundamental right to privacy in all of the "data subjects" that are within its jurisdiction. The rule becomes enforceable on May 25, 2018, and companies that have EU "data subject" information currently in their databanks must demonstrate by that date that they are managing that data per GDPR standards. If your enterprise works in the EU or with EU citizens, you need to be prepared to demonstrate GDPR compliance on or before its enforcement date.
Read More

Who Owns Personal Data? GDPR vs USA

Beginning May 25, 2018, the European Union's General Data Privacy Regulation (GDPR) goes into effect, and it's a radical departure from American data privacy standards. The rule requires an explicit "opt-in" from every website visitor and covers all EU residents and citizens. Your enterprise must develop and maintain a whole new array of privacy protection systems to become and remain compliant with the new regulations.
Read More

How to Ensure Your Business is Compliant with GDPR

You probably know that businesses regularly collect and use consumers' personally identifiable information (PII), but do you know which companies have information about you, what information they have, and how precisely they collect and use it? More importantly, do you believe you have the right to deny or restrict what businesses do with your personal information?
Read More


Hyperion News