By

Dean C. Forbes

21 November 2017

Jamaica’s New Privacy Protection Bill

On 10 October 2017, Jamaica introduced into its House of Parliament a comprehensive Bill for privacy and data protection, entitled “An Act to Protect the Privacy of Certain Data and for Connected Matters.”  The new law would cover personal data, including data in an “accessible record” such as a health record or an educational record.  If passed, the new law will be named the “Data Protection Act, 2017.”  (more…)

SHARE
EmailPrintShare
23 August 2017

FTC Uber Settlement Mandates a Comprehensive Privacy Program, Sheds Light on “Reasonable Data Security” Expectations, and Underscores Importance of Insider Threat Prevention

On August 15, the FTC announced that it had reached an agreement with Uber to settle allegations that the company had made deceptive claims about its privacy and data security practices. The FTC’s settlement with Uber has important implications for privacy and data security measures that companies could take, and the representations they and their employees make in these areas. It also shed greater light on what the FTC means by “reasonable data security” measures that companies should implement, and underscores the importance of maintaining a robust insider threat prevention program. (more…)

SHARE
EmailPrintShare
24 February 2017

New NACD Cyber-Risk Handbook a Reminder of Critical Board Oversight Duties

*This article first appeared in Bloomberg BNA Corporate Law & Accountability Report on February 23, 2017

On Jan. 12, 2017, the National Association of Corporate Directors (NACD) released its new “NACD Director’s Handbook on Cyber-Risk Oversight.” The NACD has suggested that directors can use this Cyber-Risk Oversight Handbook as a resource to “[l]earn foundational principles for board-level cyber-risk oversight” and gain insight into issues including how to:

  • “allocate cyber-risk oversight responsibilities at the board level”;
  • address “legal implications and considerations related to cybersecurity”;
  • “set expectations with management about the organization’s cybersecurity processes”;
  • “improve the dialogue between directors and management on cyber issues”; and,
  • “improve and enhance boardroom practices.”

Read More

SHARE
EmailPrintShare
XSLT Plugin by BMI Calculator