No. The European GDPR does not use the term “service provider” and, instead, refers to “processors.” Click here to read the full answer, published by the Washington Legal Foundation.
Darren Abernethy Quoted in a Bloomberg Law Article on Global Privacy Control
Global Privacy Control, a way for consumers to signal privacy preferences to a host of websites without manually reaching out to each one, is gaining traction. It is unclear if it can be used as a legal compliance mechanism. GT Shareholder Darren Abernethy is quoted in this article on Global Privacy Control and privacy laws
What is de-identified data?
The terms “deidentified” and “deidentification” are commonly used in modern privacy statutes and are functionally exempt from most privacy- and security-related requirements. As indicated in the chart below, differences exist between how the term was defined in the California Consumer Privacy Act (CCPA) and how it was defined in later state privacy statutes set to
The Brave New World of Data Privacy: Benchmarking Corporate Compliance
While the CCPA went into effect on Jan. 1, 2020, it did not become fully enforceable until July 1, 2020. When we passed the one-year anniversary of the CCPA becoming law, it provided an opportunity to assess the impact of the CCPA on privacy programs and to begin to benchmark against emerging industry standards. To
Nov. 17 Event | Crash Course: The State of Privacy Law in California
Hosted by the University of Colorado Law School, U.S. Data, Privacy, and Cybersecurity Practice Co-Chair David Zetoony will present on his new book, “The Desk Reference Companion to the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA).” This reference guide collects over 500 of the most common questions concerning
How long do healthcare companies take to respond to access requests?
The CCPA Regulations require that businesses that buy, receive, sell, or share personal information about more than 10 million Californians disclose metrics within their privacy notices regarding the speed with which they respond to the data subject requests that they received in the previous calendar year. Among other things, businesses must report the average or
What percentage of access and deletion requests do healthcare companies deny each year?
The CCPA Regulations require that businesses that buy, receive, sell, or share personal information about more than 10 million Californians disclose metrics within their privacy notices regarding the quantity of data subject requests that they received in the previous calendar year. Among other things, businesses must publicly report the number of access and deletion requests
How many Do Not Sell requests do health care companies receive each year?
The CCPA Regulations require that businesses that buy, receive, sell, or share personal information about more than 10 million Californians disclose metrics within their privacy notices regarding the quantity of data subject requests that they received in the previous calendar year. Among other things, if a business offers a do not sell my personal information
How many deletion requests do health care companies receive on average each year?
The CCPA Regulations require that businesses that buy, receive, sell, or share personal information about more than 10 million Californians disclose metrics within their privacy notices regarding the quantity of data subject requests that they received in the previous calendar year. Among other things, businesses must report the number of deletion requests received. 1
A
New California Privacy Regulator Invites Feedback to Proposed Rules under the California Privacy Rights Act
The California Privacy Protection Agency (the “Agency” or CPPA), the new California state agency created under the California Privacy Rights Act of 2020 (CPRA) to oversee and enforce the California Consumer Privacy Act (CCPA) and the CPRA, has recently called for preliminary public comments on a proposed rulemaking under the CPRA. See the invitation from