About HewardMills

This article was written by our experts at HewardMills

Why DPOs and privacy teams need to consider adequate cross-border data transfers mechanisms critical for data protection compliance 

The Dutch Data Protection Authority (DPA) has fined Uber an unprecedented €290 Million fine related to a breach of GDPR cross-border data transfer rules.  In a case that has somewhat divided opinion in the data protection and privacy space, the regulator ruled that transferring EU drivers' personal data to U.S. servers without adequate Standard [...]

By |2024-09-09T14:40:03+01:009th September, 2024|Data Breaches, DPO, Governments, News, Works council|

How working closer with your Data Protection Officer can reduce the risk of fines

Tough trading conditions mean more and more businesses are having to make a call on how to allocate their hard-earned income.  In this context, being aware of the need to adequately resource your Data Protection Officer (DPO) to meet regulatory requirements becomes paramount to minimising the risk of fines. Recently, the administrative court of Luxembourg [...]

By |2024-08-12T11:34:55+01:009th August, 2024|DPO, Governments, News, Works council|

How privacy teams can prepare for the EU AI Act coming into force

As the EU AI Act officially comes into force in August, we are set to see a phased implementation over the next few years. With the clock ticking, DPOs have an important role to play in supporting businesses to urgently assess AI policies and meet complex compliance requirements.   For the DPO, key considerations in [...]

By |2024-08-02T15:02:29+01:002nd August, 2024|Artificial Intelligence, DPO, Governments, News|

Mitigating Cybersecurity & Privacy Risks in India

On 18th July 2024, India's biggest crypto exchange, WazirX suspended its trading activities after a cyber-attack that drained nearly half of its reserves (close to 230 million USD worth of crypto assets). According to the platform, the breach exploited a vulnerability in the exchange's multi-signature wallet system, compromising the security of stored funds. The [...]

By |2024-08-01T15:28:22+01:001st August, 2024|Cybersecurity, Data Breaches, DPO, Governments, News|

5 easy ways to balance DEI with data protection & privacy practices in the workplace

In today’s rapidly evolving workplace, Diversity, Equity, and Inclusion (DEI) have become essential values for creating a supportive environment where everyone feels included. This results in an environment where trust is fostered and people are empowered. At the same time, DEI initiatives are grounded in the collection, storage, use, and publication of sensitive data, [...]

By |2024-07-29T17:06:41+01:0029th July, 2024|DEI, DPO, Governments, News|

Installing data protection guardrails to tackle AI-related cyberattacks

Cyberattacks continue to pose a formidable threat to organisations across the world. In recent times, we have witnessed a surge in high-profile breaches, each one leaving a trail of compromised personal data. Take, for instance, the infamous "Mother of All Breaches" (MOAB) in January 2024, which reportedly exposed over 26 billion sensitive records. More [...]

By |2024-07-29T18:03:26+01:0026th July, 2024|Cybersecurity, DPO, Governments, News|

Privacy and Security in cross-border genetic data transfers

Genomic technology is increasingly becoming entrenched in a lot of our health services. From population health screening, ancestry testing, nutritional testing, policing, and crime prevention, the technique has become commonplace.   This has also led to growth in the need for an exchange of data across international borders, bringing with it significant responsibility from a [...]

By |2024-07-29T16:38:22+01:0025th July, 2024|Data Transfer, DPO, Governments, Life Sciences, News|

The US privacy landscape in mid-2024: How new state laws impact marketing, AI, and the health sector

Until relatively recently, US businesses faced few restrictions on their collection and use of personal data. In 2024, while gaps in rights and protections remain, the US has arguably become one of the most complex privacy landscapes in the world.  In July 2024, three important state privacy laws took effect, taking the total number [...]

By |2024-07-29T16:36:59+01:0024th July, 2024|DPO, Governments, Life Sciences, News, US, US Privacy Law|

CrowdStrike outage – key lessons for DPOs and CPOs

The 19 July CrowdStrike software update that resulted in a global cyber crash, affecting critical services across various industries, including hospitals, airlines, and financial institutions, has had many people reviewing their privacy and cyber processes. Estimates currently stand at 8.5m computers affected - around 1% of Windows machines worldwide.  Unprecedented in its size, the [...]

By |2024-07-24T20:35:56+01:0022nd July, 2024|Cybersecurity, DPO, Governments, News|

Latest roundup in global data protection and privacy

Thailand PDPC publishes criteria for personal data deletion, destruction, and de-identification  On June 14, 2024, the Personal Data Protection Committee (PDPC) released a draft notification under the Personal Data Protection Act 2019 (PDPA), outlining the criteria for data controllers on how to delete, destroy, or de-identify personal data.  According to the PDPA, a data [...]

By |2024-06-28T10:26:52+01:0027th June, 2024|DPO, Governments, News|
Go to Top