A Blueprint for Efficient SRRs: Mastering Your Subject Rights Workflow
If you’re not accustomed to handling data subject access requests (DSARs), then it’s understandable if you feel a bit nervous about responding. After all, there are all sorts of legal requirements involved and the potential...more
On April 2, the California Privacy Protection Agency (CPPA or “the Agency”) issued the Agency’s first-ever enforcement advisory. The advisory (“Applying Data Minimization to Consumer Requests”) reaffirms data minimization as...more
Getting into compliance with the California Consumer Privacy Act (CCPA) can seem like an overwhelming task. After all, the law is comprised not only of a dense statute and detailed regulations, but the amendment effective...more
The ability to verify compliance with applicable law, notice and opt-out requirements for subcontractors, and flowing through data minimization principles are key requirements under new US state data protection laws. As...more
Editor’s Note: On September 29, 2022, HaystackID shared an educational webcast on the topic of US privacy law. As privacy continues to move to the forefront of not only information consideration but of business concern for...more
In the last few years, data privacy laws and regulations have been big news. Much of the coverage—including one of our recent blog posts—concerned website compliance. Companies scrambled to post notices and forms on their...more
If you are responsible for handling data subject requests made pursuant to the EU General Data Protection Regulation or verified consumer requests made pursuant to the California Consumer Privacy Act, chances are you have...more
When it comes to data privacy law, change is the only constant. The global pandemic unleashed a new set of risks related to data privacy that companies will have to confront in 2021. But despite the COVID chaos, data privacy...more
As one of the oldest and most recognized data privacy and security practices, we have had the honor of helping dozens of companies set up and evolve their data privacy programs over the past decade. That experience has given...more
The words “hodgepodge” and “patchwork” are overused in the world of risk and compliance, but they’re certainly appropriate for describing the myriad data privacy regulations popping up around the world. In 2018, the world...more
Effective as of January 1, 2020, the California Consumer Privacy Act (CCPA) gives broad rights to people on their personal data in the custody of companies. This focus on data rights significantly raises the compliance burden...more
The first landmark data privacy law in the United States goes into effect Jan. 1, 2020. The California Consumer Privacy Act (CCPA) is set to be the toughest privacy law in the country and will apply to more than 500,000 U.S....more
On September 17, 2019, Amanda Witt, co-leader of Kilpatrick Townsend’s Cybersecurity, Privacy and Data Governance practice, moderated a panel for the International Section of the Georgia Bar that consisted of seasoned...more
The California Consumer Privacy Act ("CCPA") was enacted in early 2018 as a political compromise to stave off a poorly drafted, and plaintiff’s friendly ballot initiative. Although the CCPA is scheduled to go into force in...more