The revised French Health Data Hosting (HDS) certification framework, published on May 16, 2024, in the Official Journal, addresses data localization and transfers amidst concerns about digital sovereignty. The new provisions...more
On May 16, 2024, the CNIL announced a critical public consultation and three significant updates to adapt health research regulations in France. These updates, focusing on remote quality control, home monitoring, and...more
The CNIL has launched an investigation into a significant data breach affecting over 33 million individuals in France, involving third-party payment operators Viamedis and Almerys. It is the biggest breach in France involving...more
The French Data Protection Authority (the "CNIL") has just published two new reference methodologies for research, studies, or evaluations necessitating access to the data in the French Healthcare database. These new...more
The French Data Protection Authority (CNIL) is still seeking input from Artificial Intelligence (AI) stakeholders on how to ensure that AI systems comply with data protection laws. Use of large amount of data and data...more
A few days after the European Parliament adoption of a compromise position on the Artificial Intelligence Act (the “AI Act”), the French Data Protection Authority (the “CNIL”) published, on 16 May 2023, a detailed 4-step...more
Les derniers mois ont vu une activité bouillonnante de la CNIL avec l’adoption de nombreuses délibérations. Nous avons analysé ces décisions pour comprendre les principales orientations prises par l’autorité française....more
While the French Data Protection Authority (the "CNIL") has consistently emphasized the importance of protecting health data, there will be even more focus for 2023 with more investigations and sanctions in this sector. The...more
The healthcare sector is a current focus of the French data protection authority (CNIL) which just published two draft standards regarding processing of personal data in the context of Early Access and Compassionate Access....more
Le 15 février 2022, la CNIL a publié deux projets de référentiels. Ces référentiels étaient très attendus car l’Autorisation Unique 041 sur les traitements de données personnelles dans le cadre des Autorisations Temporaires...more
The General Data Protection Regulation 2016/679 (GDPR) provides means to enforce provisions related to personal data processing by you as a data controller or data processor. It introduces collective actions everywhere in...more
Companies in the life sciences and health care industry, like most companies, navigated unparalleled challenges in 2020. But unlike other industries, they had to do so while simultaneously facing the biggest challenge of all...more
The French Data Protection Authority (CNIL) has recently released new guidelines (French only) regarding human resources processing operations. ...more
The General Data Protection Regulation 2016/679 (GDPR) provides means to enforce provisions related to personal data processing by you as a data controller or data processor. It introduces collective actions everywhere in...more
11/22/2019
/ Burden of Proof ,
Class Action ,
Cybersecurity ,
Data Breach ,
Data Processors ,
Data Protection ,
EU ,
EU Data Protection Laws ,
European Commission ,
Evidence ,
Forum Shopping ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
Litigation Strategies ,
Personal Data ,
Personally Identifiable Information ,
Private Right of Action ,
Risk Management ,
Russia
Whilst political uncertainty may have businesses’ attention fixed, the Hogan Lovells Global Survey on Digital Regulation: ‘A Turning Point for Tech’ suggests that tech companies should be looking elsewhere. During yesterday’s...more
10/31/2019
/ 5G Network ,
Big Tech ,
Business Model ,
Competition ,
Copyright ,
Corporate Taxes ,
Cybersecurity ,
Data Protection ,
Digital Platforms ,
Enforcement Programs ,
EU ,
Freedom of Expression ,
General Data Protection Regulation (GDPR) ,
Innovative Technology ,
Privacy Concerns ,
Regulatory Agenda ,
Regulatory Oversight ,
Regulatory Standards ,
United Arab Emirates (UAE)
The French Data Protection Authority (the CNIL) published its assessment of the first four months of GDPR and several guidelines, including one on how to make a GDPR compliant blockchain. ...more
10/11/2018
/ Big Data ,
Biometric Information ,
Blockchain ,
CCTV ,
CNIL ,
Cybersecurity ,
Data Protection ,
Data Protection Authority ,
Data Protection Impact Assessments (DPIAs) ,
Distributed Ledger Technology (DLT) ,
EU ,
France ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
Personal Data ,
Popular ,
Right to Erasure