As companies struggle to protect and safeguard personal information, managing the legal responsibilities related to processing personal data consistent with applicable laws is a growing challenge. A well-constructed and comprehensive compliance program can provide an effective risk-management tool. Our colleagues from the DLA Piper Information Law Team have published a handbook with an overview of the applicable privacy and data protection laws and regulations across 58 different jurisdictions, including a section on enforcement. Edited by Cameron Craig, Paul McCormack, Jim Halpert, Kate Lucente, and Arthur Cheuk, the DLA Piper 2011/2012 Data Protection Laws of the World Handbook is available here.
CONTRIBUTED BY Jennifer Kashatus
Virtually every company maintains some personal information – your company might hold personal information about employees, customers, or both. The precise definition of personal information varies by state and/or statute, but, as a general matter, includes information that is capable of identifying a natural person such as (but not limited to) first name and/or initial plus last name, in combination with a postal address, social security number, driver’s license number or other state issued identification number, or financial account number, such as a bank account number or a credit card number.
Whatever personal information your company possesses, your company should take measures—and, in fact, may be required by law to take measures—to protect that information. To appropriately handle personal information and to protect one of your most valuable assets—information—take stock of the information that your company maintains as the starting point to getting your privacy house in order.
Courtesy of our DLA Piper colleagues Jim Halpert, Sydney M. White, Kate Lucente, and Haris H. Khan is a summary of the FTC's recent proposal for modifying the Children’s Online Privacy Protection Act (COPPA) Rule. COPPA heavily regulates the collection, use and disclosure of personal information from online users who are known to be under 13 years old and from sites and online services targeted to this population.