Individuals have the right to receive meaningful information about solely automated decisions with significant effects under the General Data Protection Regulation (GDPR). This includes decisions that will impact an individual’s finances or employment. But how much information are
On December 27, 2024, the United States Department of Health and Human Services (HHS), through its Office for Civil Rights (OCR), issued a proposed rule to improve data protection measures in the healthcare sector.
Learn more about the
On 24 December 2024, Malaysia’s Minister of Digital stipulated the dates on which the provisions of the Malaysian Personal Data Protection (Amendment) Act 2024 (Amendment Act) will come into force. The Amendment Act will take effect in three
On December 5, 2024, the Canadian Securities Administrators (CSA) released CSA Staff Notice and Consultation 11-348 – Applicability of Canadian Securities Laws and the Use of Artificial Intelligence Systems in Capital Markets (the Notice). The Notice was
On 16 July 2024, the Malaysian Dewan Rakyat (House of Representatives of the Malaysian Parliament) passed the Personal Data Protection (Amendment) Bill 2024 (the PDP Bill). The PDP Bill, which had been under review by the Malaysian Government for
On 1 and 2 February 2024, at the fourth 4th ASEAN Digital Ministers Meeting (ADGMIN) in Singapore, ASEAN[1] unveiled:
In our previous post, we discussed specific considerations for common boilerplate provisions in data processing agreements (DPAs). Due to the sensitivity of data transfers and privacy laws, DPAs require careful drafting to ensure the data processor complies with appropriate
Modern businesses collect and process personal information about their customers and employees for the benefit of their business – these benefits include identifying opportunities to enhance their products or services, streamlining operations, reducing costs or maximizing profits. Processing such data
The UK Information Commissioner’s Office (ICO) published its final guidance on monitoring workers on 3 October 2023 (the Guidance). The Guidance is aimed at employers across both the private and public sector. Responding to the rise of remote working and
With most provisions of the Act to modernize legislative provisions as regards the protection of personal information (Act 25) having just come into effect on September 22, public bodies and enterprises (organizations) will now need to conduct privacy impact assessments