Remove 2015 Remove Compliance Remove Data protection
article thumbnail

You Subpoenaed My Documents, Shouldn’t You Pay for Them?

Percipient

Or it received a data request from a consumer under the GDPR or California Consumer Privacy Act. If the subpoena issued is in federal litigation, your company is likely responsible for the cost of compliance, especially if it has a connection to the litigation. Who covers the expense in responding to it? Cardinal Growth, L.P. ,

article thumbnail

Data Minimization – Recent Enforcement Actions Show Why Some Companies Need to Get Rid of Old Electronic Records

Debevoise Data Blog

A senior officer or director of the regulated entity must certify compliance with the NYDFS Cyber Rules annually, including the data minimization obligation. Under this requirement, businesses need to establish time limits for data deletion and to institute a periodic review of the necessity for continued data retention.

professionals

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Take Three: New European Adequacy Decision Gives Green Light to EU-U.S. Data Protection Framework

Debevoise Data Blog

Data Privacy Framework (the “DPF”). The decision enables businesses in Europe to transfer personal data to DPF-certified U.S. businesses without having to implement additional data protection safeguards. Once certified, compliance with the Principles can be enforced under U.S. The DPF is the third U.S.

article thumbnail

Third Time’s a Charm: European Commission adopts EU-U.S. Data Privacy Framework

Technology Law Dispatch

Data Privacy Framework (Framework) on July 10, 2023. EU Safe Harbor in 2015, and the U.S.-EU Monitoring and enforcement The DOC will monitor compliance with the Framework and carry out random spot checks as well as investigate potential compliance issues, such as when reported to the DOC by third parties.