Article 29 Working Party

The Centre for Information Policy Leadership at Hunton Andrews Kurth has submitted its response to the European Data Protection Board consultation on draft guidelines on examples regarding data breach notification. CIPL welcomes the Guidelines which come at a time at which cyber attacks are surging as a result of the move to remote working triggered by the COVID-19 crisis, and should help organizations avoid over-reporting.
Continue Reading CIPL Submits Response to the EDPB Guidelines on Examples Regarding Data Breach Notification

On January 18, 2021, the European Data Protection Board released draft Guidelines 01/2021 on Examples regarding Data Breach Notification. The Guidelines aim to assist data controllers in deciding how to handle data breaches, including by identifying the factors that they must take into account when conducting risk assessments to determine whether a breach must be reported to relevant supervisory authorities and/or the affected data subjects.
Continue Reading EDPB Publishes Guidelines on Examples regarding Data Breach Notification

On April 12, 2019, the European Data Protection Board published draft guidelines 2/2019 on the processing of personal data in the context of the provision of online services to data subjects. This blog entry provides an overview of the Guidelines.
Continue Reading EDPB Publishes Guidelines on the Contractual Legal Basis for Data Processing of Online Services

On October 22, 2018, the Centre for Information Policy Leadership at Hunton Andrews Kurth LLP co-hosted a workshop in Brussels on “Can GDPR Work for Health Scientific Research?” with the European Federation of Pharmaceutical Industries and Associations and the Future of Privacy Forum to address the challenges raised by the GDPR in conducting scientific health research.
Continue Reading CIPL Co-Hosts Workshop on GDPR and Scientific Health Research