This step-by-step plan from the FTC helps organizations determine whether they are covered by COPPA—and what to do to comply with the Rule, if so.
The following FAQs from the FTC are intended to supplement the compliance materials available on its website. This document serves as a small entity compliance guide and covers general questions about COPPA, enforcement, parental notice and consent and more.
The Privacy Commissioner of New Zealand developed this privacy checklist to help organizations figure out whether their client and staff information will be safe if they switch to cloud services.
Based on the FTC’s prior work in mobile privacy, panel discussions and written submissions, this report offers suggestions for the major participants in the mobile ecosystem as they work to improve mobile privacy disclosures.
Drawing on the core principles of its report Protecting Consumer Privacy in an Era of Rapid Change, the FTC released this staff report to help companies using facial recognition technologies protect consumers’ privacy as they use the technologies to create innovative new commercial products and services. It builds upon the discussions at the Face Facts workshop and the comments received thereafter to set forth a series of case studies illustrating recommended best practices for companies using or planning to use facial recognition technologies in their products or services. (2012)
This guidance from the UK Information Commissioner’s Office explains what organizations need to do to make sure they comply with the Data Protection Act when they archive or delete personal data.
This policy from the UK Information Commissioner’s Office outlines what the office will consider when deciding whether to initiate regulatory action. (August 2013)
Links to some of the approved Binding Corporate Rules, as published by Mehmet Munur, CIPP/US, of Tsibouris & Associates.
DLA Piper produced this handbook that sets out an overview of the applicable privacy and data protection laws and regulations across 63 different jurisdictions. (March 2013)
This is part of a series of guidance from the UK Information Commissioner’s Office that explains what organizations, and individuals who process personal data for purposes such as running a business, need to consider when they run, contribute to or download personal data from online forums such as social networking sites, message boards or blogs.
Through this site, Hunton & Williams offers a convenient means to access relevant materials, including draft legislation, opinions and submissions, to assist organizations in understanding and addressing key proposals that may have a significant impact on their business.
The National Conference of State Legislatures has posted a list of states that have enacted laws that require entities to destroy, dispose, or otherwise make personal information unreadable or undecipherable.
Revision 4 of the NIST guidelines released in April of 2013. This publication provides a catalog of security and privacy controls for federal information systems and organizations and a process for selecting controls to protect organizational operations, organizational assets, individuals, other organizations and the nation from a diverse set of threats. The security and privacy controls are customizable and implemented as part of an organization-wide process that manages information security and privacy risk.
This chart from the National Conference of State Legistaltures summarizes the identity theft criminal penalties, restitution and identity theft passport laws.
Page 3 of 9 pages < 1 2 3 4 5 > Last ›