Tag Archives: Risk-Based Approach

China Releases Draft Guidelines on Cross-Border Data Transfers Pursuant to the Cybersecurity Law

Recently, the National Information Security Standardization Technical Committee of China published draft guidelines on cross-border transfers pursuant to the new Cybersecurity Law, entitled Information Security Technology – Guidelines for Data Cross-Border Transfer Security Assessment. Once finalized, the Guidelines are intended to establish norms regarding security assessments conducted in the context of cross-border data transfers. … Continue Reading

CIPL Issues White Paper on High Risk and DPIAs under the GDPR

On December 21, 2016, the Centre for Information Policy Leadership at Hunton & Williams LLP issued a white paper on Risk, High Risk, Risk Assessments and Data Protection Impact Assessments under the GDPR. The White Paper sets forth guidance and recommendations concerning the interpretation and implementation of the GDPR’s provisions relating to risk and risk assessment.… Continue Reading

CIPL Hosts Workshop on Transparency and Risk Assessment

On October 20, 2016, the Centre for Information Policy Leadership hosted a side workshop at the International Conference of Data Protection & Privacy Commissioners focused on transparency and risk assessment, entitled “The Role of Risk Assessment and Transparency in Enabling Organizational Accountability in the Digital Economy.”… Continue Reading

CIPL and its GDPR Project Stakeholders Discuss DPOs and Risk under GDPR

Last month, the Centre for Information Policy Leadership held its second GDPR Workshop in Paris as part of its two-year GDPR Implementation Project. The purpose of the project is to provide a forum for stakeholders to promote EU-wide consistency in implementing the GDPR, encourage forward-thinking and future-proof interpretations of key GDPR provisions, develop and share relevant best practices, and foster a culture of trust and collaboration between regulators and industry. … Continue Reading

Final Rules for the Data Privacy Act Published in the Philippines

Recently, the National Privacy Commission of the Philippines published the final text of its Implementing Rules and Regulations of Republic Act No. 10173, known as the Data Privacy Act of 2012. The IRR has a promulgation date of August 24, 2016, and went into effect 15 days after the publication in the official Gazette. … Continue Reading

Brazil Releases Revised Draft Privacy Bill

In late October, the Brazilian Ministry of Justice (the “Ministry”) issued its revised Draft Bill for the Protection of Personal Data (“Draft Bill”). The Ministry released its preliminary draft in January 2015, and the Centre for Information Policy Leadership at Hunton & Williams LLP (“CIPL”) filed public comments to the draft on May 5, 2015.… Continue Reading

DataGuidance Hosts Webinar on Brazil’s Draft Privacy Law

On June 24, 2015, DataGuidance will host a complimentary webinar on Brazil: Towards Privacy Compliance, and the panel of speakers includes Bojana Bellamy, President of the Centre for Information Policy Leadership at Hunton & Williams. This blog entry provides a link to register for the event.… Continue Reading

Risk-Based Approach – New Thinking for Regulating Privacy

On February 11, 2015, the International Association of Privacy Professionals Australian New Zealand (“iappANZ”) will host a discussion on the risk-based approach to privacy in Sydney, Australia. Richard Thomas, Global Strategy Advisor for the Centre for Information Policy Leadership at Hunton & Williams (the “Centre”), will present the Centre’s contributions to this topic including the … Continue Reading

Centre for Information Policy Leadership Discusses Privacy Risk Management at the OECD Working Party on Security and Privacy in the Digital Economy

Former UK Information Commissioner and Centre for Information Policy Leadership Global Strategy Advisor Richard Thomas was invited to make a presentation at a roundtable on Privacy Risk Management and Next Steps at the Organization for Economic Cooperation and Development’s 37th meeting of the Working Party on Security and Privacy in the Digital Economy. … Continue Reading

Centre Discusses the Risk-Based Approach to Privacy and APEC-EU Interoperability at IAPP Brussels

At the IAPP's recent Europe Data Protection Congress in Brussels, the Centre for Information Policy Leadership at Hunton & Williams led two panels on the risk-based approach to privacy as a tool for implementing existing privacy principles more effectively and on codes of conduct as a means for creating interoperability between different privacy regimes.… Continue Reading

Centre’s Risk Workshop II in Brussels Emphasizes that Risk-Based Approach to Privacy Does Not Change Legal Obligations but Helps Calibrate Their Effective Implementation

On November 18, 2014, the Centre for Information Policy Leadership at Hunton & Williams held the second workshop in its ongoing work on the risk-based approach to privacy and a Privacy Risk Framework. Approximately 70 Centre members, privacy regulators and other privacy experts met in Brussels to discuss the benefits and challenges of the risk-based approach, operationalizing risk assessments within organizations, and employing risk analysis in enforcement. … Continue Reading

IAPP Europe Data Protection Congress 2014

Join us at the International Association of Privacy Professionals (“IAPP”) Data Protection Congress in Brussels, November 18-20, 2014. Hunton & Williams privacy professionals will be featured speakers in the following sessions:… Continue Reading

Council of the European Union Proposes Risk-Based Approach to Compliance Obligations

The Council of the European Union has published proposed revisions to Chapter IV of the forthcoming EU General Data Protection Regulation. The proposed revisions take a risk-based approach to compliance and allow data controllers to exercise greater discretion and flexibility in assessing how to address their compliance responsibilities in the context of their particular businesses.… Continue Reading

APEC Privacy Update – Beijing Meetings

On August 6-10, 2014, the APEC Data Privacy Subgroup and the Electronic Commerce Steering Group met in Beijing to focus on the further implementation of the APEC Cross-Border Privacy Rules system and related work relevant to cross-border interoperability. The Centre for Information Policy Leadership at Hunton and Williams participated as part of the U.S. delegation and provides highlights in this blog entry.… Continue Reading

Hunton Global Privacy Update – July 2014

On July 15, 2014, the Hunton and Williams Global Privacy and Cybersecurity practice group hosted the latest webcast in its Hunton Global Privacy Update series. This blog post provides a link to a recording of the session, and to previous recordings in the series. … Continue Reading
LexBlog