What is PIPEDA? The Personal Information and Electronic Documents Act is a framework of legal guidelines for collection and processing of personal info of individuals within Canada. Or, in short, it’s a set of rules that companies need to follow to collect and protect a user’s data. PIPEDA applies to any private-sector organization within Canada as well as international companies that collect
Read more →

Archive for the Compliance Category

What is HIPAA? HIPAA (often misspelled as HIPPA) is the Health Insurance Portability and Accountability Act of 1996. This US-based law applies to how companies can collect, use, disclose, and store health-related data. It also includes rules around how patients/individuals can get a copy of their own data and learn who else has accessed it. Given the global nature
Read more →

What is the LGPD? The LGPD is the Brazilian version of the GDPR (General Data Protection Regulation). In Portuguese it is Lei Geral de Proteção de Dados, or in English, General Law of Personal Protection. It is a framework of legal guidelines for collection and processing of personal info of individuals within Brazil. Or, in short, it’s a set of rules that companies need
Read more →

What is the CCPA? The California Consumer Privacy Act is a framework of legal guidelines for collection and processing of personal info of individuals who reside in the state of California. Or, in short, it’s a set of rules that companies need to follow to collect and protect a user’s data. As of January 1st, 2020, any company that handles California residents’ data
Read more →

I get it, Data Privacy Regulations are a pain. They are complicated and difficult to understand. Most of them are written in legalese. And, as a company, they take time and money to implement properly. But hear me out on this one… it will save you money in the long run to become compliant. In the past businesses were able
Read more →

Before embarking on any kind of compliance it is important to understand what the requirements are and when you need to implement them. The GDPR (Global Data Protection Regulation) in the EU states that you have to run a DPIA (Data Protection Impact Assessment) if you are using any data that is highly sensitive or could be high risk if
Read more →

What is the GDPR? The General Data Protection Regulation is a framework of legal guidelines for collection and processing of personal info of individuals within the European Union. Or, in short, it’s a set of rules that companies need to follow to collect and protect a user’s data. As of May 25th, 2018, any company, group, or individual, that handles
Read more →