201812.06
0

Laura Clark Fey Named to Super Lawyers List

Laura Clark Fey, Principal of Fey LLC, has been named to the 2018 Missouri & Kansas Super Lawyers list.  This year marks her 11th consecutive year as a Super Lawyers honoree.  Read her newest article, The GDPR and You, published in the December 2018 Missouri & Kansas Super Lawyers issue, here.

FTC Settles with Four Companies Falsely Claiming Current Participation in EU-U.S. Privacy Shield
201811.19
0

FTC Settles with Four Companies Falsely Claiming Current Participation in EU-U.S. Privacy Shield

In September of 2018, the Federal Trade Commission filed complaints against four companies for falsely claiming to be certified under the EU-U.S. Privacy Shield, alleging such acts constituted deceptive acts or practices violating Section 5(a) of the Federal Trade Commission Act.  One company claimed on its website that it “complies with the EU-U.S. Privacy [S]hield framework”…

201811.08
0

UK Information Commissioner’s Office Enforces GDPR Against Non-European Entity

The question of whether European data protection authorities will, in fact, seek to enforce the General Data Protection Regulation (GDPR) on non-European entities has been answered.  The UK Information Commissioner’s Office (ICO) issued an enforcement notice (Notice) against a Canadian corporation with no EU operations, AggregateIQ Data Services Limited (AIQ). Canadian Company had Ties to…

China’s New Regulation on Cybersecurity Goes into Effect Today. Here’s What You Should Know.
201811.01
0

China’s New Regulation on Cybersecurity Goes into Effect Today. Here’s What You Should Know.

China’s new cybersecurity regulation, Regulation on the Internet Security Supervision and Inspection by Public Security Authorities (the “Regulation”), takes effect today. The Regulation, issued by China’s Ministry of Public Security, allows China’s law enforcement (Public Security Bureaus, commonly referred to as “PSBs”) to enforce China’s Cybersecurity Law (“CSL”) by conducting onsite or remote inspections. Although…

201709.06
0

Laura Clark Fey to Present on Third-Party Vendor Contracting at IAPP KnowledgeNet in Denver

Laura Clark Fey, CIPP/US, CIPP/E, CIPM, FIP, Principal of Fey LLC, will speak at the IAPP Denver KnowledgeNet on “Third-Party Vendor Selection and Contracting:  Limiting Risk under the Privacy Shield, GDPR, and Privacy Regulations Worldwide.” She will co-present with Jennifer Mullins, CIPP/E, General Counsel of SafeGuard World International. We have inserted more information on this…

201709.06
0

Laura Clark Fey to Present on GDPR at Denver Summit for Senior Information Security Leaders

Laura Clark Fey, CIPP/US, CIPP/E, CIPM, FIP, Principal of Fey LLC, will speak to senior information security leaders at the 2017 Alliance Leadership Summit on “Overcoming EU GDPR Challenges at the Intersection of Privacy and Security.”  She will co-present with Leon Ravenna, CIPP/C, CIPP/E, CIPP/G, CIPP/US, CIPM, FIP, PMP, Chief Information Security Officer of KAR…

201708.31
0

Fey to Moderate Upcoming Cybersecurity & Privacy Regulator/Prosecutor Panel in Chicago

Next week, Laura Clark Fey, CIPP/US, CIPP/E, CIPM, FIP, Principal of Fey LLC, will moderate a panel at the DRI Cybersecurity and Data Privacy Seminar that will provide seminar participants with an opportunity to not only listen to two regulators and a prosecutor talk about important privacy and cybersecurity issues—but also to interact directly with…

201705.26
0

Less than One Year until EU GDPR: Recommended Steps to Take Now

It is now less than one year before the EU General Data Protection Regulation (“GDPR”) takes effect—bringing with it increased compliance obligations, penalties (as high as 20 million euros or 4% annual worldwide turnover), and enforcement.  EU regulators have already advised organizations that there will be no grace period for compliance after May 25, 2018. …

201609.01
0

Reason to Move Onward: The Privacy Shield’s Limited-Time-Only Grace Period

If your company plans to join the Privacy Shield, if possible, you should try to self-certify by September 30, 2016.  By doing so, you will be able to take advantage of a nine-month grace period to bring existing third-party relationships in conformance with the Accountability for Onward Transfer Principle.  Why is this nine-month grace period…

201608.17
0

Implementing an Actionable, Right-Sized Records Retention Schedule

Our August 9 blog post addressed how current privacy and security regulatory developments were making the case for implementing processes for the prompt and defensible disposition of your company’s records and information.  Before there can be defensible disposition, however, it is first necessary for a company to develop and implement an actionable, right-sized records retention…

201608.09
0

Privacy and Security Regulatory Developments Make the Case for Defensible Disposition

There is a strong business case for defensible disposition, which is the process of disposing of company information when it is no longer needed for business or legal purposes.  Key business benefits for defensible disposition include saving costs for storage; improving operational efficiency by better enabling employees to access needed information without having to wade…