
Determann's Field Guide to Data Privacy Law: International Corporate Compliance: Second Edition 2nd edition [Paperback]

  • Format: Paperback / softback, 232 pages, height x width: 216x138 mm
  • Series: Elgar Practical Guides
  • Publication date: 30-Jan-2015
  • Publisher: Edward Elgar Publishing Ltd
  • ISBN-10: 1784714992
  • ISBN-13: 9781784714994
  • Paperback
  • Price: 84,25 €*
  • * we will send you an offer for a used book, whose price may differ from the price shown on the website
  • This book is out of print, but we will send you an offer for a used book.
Companies, lawyers, privacy officers, developers, marketing and IT professionals face privacy issues more and more frequently. Much information is freely available but it can be difficult to get a grasp on a problem quickly, without getting lost in details and advocacy. This is where Determann's Field Guide to Data Privacy Law comes into its own - helping to identify issues and provide concise practical guidance in an increasingly complex field shaped by rapid change in international laws, technology and society.

Now in a second, updated and revised edition, with new material covering issues such as big data, data brokers and spying, Determann's Field Guide focuses on the compliance issues that are likely to be encountered by the majority of companies. Starting with an overview of the key concepts in the field, in order to provide a basic understanding of data privacy, the book offers practical advice on initiating, maintaining and then auditing a compliance program, with checklists designed to assist this process. The book also gives step-by-step guidance on drafting documentation for data privacy compliance, including notices, consent forms, agreements, protocols, request forms and government notifications, and provides sample documentation to use as a model.

A handy A-Z of data privacy compliance completes the book and gives a concise tour of privacy-related issues, from Advertising to Zip Codes. Lightweight enough to carry around, the book should be on the desk and in the briefcase of every compliance officer and corporate counsel.

New to this Edition:

  • Coverage of new topics such as big data, data brokers, spying and binding corporate rules for processors.
  • Commentary on legislative changes including: EU data protection regulation, APEC data protection law harmonization, COPPA, HIPAA, ROSCA, EU cookies regulations and laws prohibiting compelled social media password disclosure.
  • Smaller, handier format.

Key Features:

  • Concise overview of the practical requirements of data privacy compliance.
  • Step-by-step guide to starting and maintaining a compliance programme.
  • Advice on drafting documentation gives the user the tools to complete an end-to-end process.
  • Glossaries of key acronyms and terms help the user to navigate through the field.
  • Includes sample documentation and checklists to ensure the clearest possible guidance.
  • Clear structure facilitates quick reference.
  • A-Z of data privacy provides snapshot of key topics.

Reviews

'Lothar Determann has done a great service to the field of privacy by providing practical, workable advice for a dynamic and challenging issue. This Field Guide will certainly be a valuable and soon dog-eared, addition to any privacy professional's reference library.' -- J. Trevor Hughes, President and CEO, International Association of Privacy Professionals (IAPP)

'Determann's Field Guide to Data Privacy Law is an indispensable handbook for international privacy professionals. Written by a star lawyer, it explains how to develop and maintain a corporate privacy compliance program. The book manages both to explain the "big picture" of global privacy challenges and to point out relevant details in a clear and concise fashion.' -- Paul M. Schwartz, Berkeley Center for Law & Technology, University of California, Berkeley, School of Law (Boalt Hall), US

'Lothar Determann is Silicon Valley's go-to data privacy expert. Determann's Field Guide to Data Privacy Law is a practical and accessible guide for non-experts. I use it any time I encounter a new data privacy issue.' -- Josh Faddis, Vice President, General Counsel, Veeva Systems Inc., US

'Determann's Field Guide to Data Privacy Law allows privacy professionals to see the light at the end of the tunnel. The overview, practical advice, methodical organization and thoroughness distill down the complex world of international privacy, while also providing the necessary context behind these requirements. A must-have.' -- Jeremy Livianu, Esq., Healthcare Compliance Officer, Associate Director, Legal Affairs, Nevro Corp, US

About this second edition, contributors and the author
Key terms
How to use this Field Guide
1 Key concepts
1.1 The field: data protection, privacy and security
1.1.1 Data protection
1.1.2 Data privacy
1.1.3 Data security
1.1.4 Data privacy as an umbrella term
1.2 The territory: Europe, United States and ROW
1.3 The species: personal data, PII and sensitive data
1.3.1 Personal data
1.3.2 Personally identifiable information (PII)
1.3.3 Sensitive data
1.4 Activities encountered: transfers and other forms of processing
1.5 The observed: data controllers, processors
1.6 The game wardens: data protection authorities, officers
2 Starting a compliance program
2.1 Taking charge
2.2 Working with internal stakeholders and outside advisors
2.2.1 Internal stakeholders
2.2.2 Outside advisors
2.3 Appointing a privacy officer
2.3.1 Requirement to appoint a data protection officer under German law
2.3.2 Mandatory or beneficial appointments in other jurisdictions
2.4 Preparing a task list
2.4.1 Take inventory of your data
2.4.2 Define your objective and priorities
2.4.3 Find the best approach for your company
2.4.4 Identify legal and other requirements
2.4.5 Data privacy by region -- an overview for orientation purposes
2.4.6 What other laws and requirements have to be considered?
2.4.7 Identify applicable substantive compliance requirements
2.4.8 Identify applicable formal compliance requirements
2.5 Executing tasks
3 International data transfers
3.1 Three hurdles
3.2 Compliance mechanisms compared
3.2.1 Consent and contracts can offer flexibilities
3.2.2 Geographical and topical coverage of data and transfers
3.2.3 Implementation costs and timing
3.2.4 Ongoing administration
3.2.5 Onward transfers
3.2.6 Submission to European law and jurisdiction
3.2.7 Customer and public relations benefits
3.3 Implementation
3.3.1 Statutory, contractual transfer obligations
3.3.2 Consent
3.3.3 Data transfers based on standard contractual clauses
3.3.4 Safe Harbor Certification
3.3.5 Binding Corporate Rules
3.4 Data transfers from countries outside the EEA
4 Drafting documentation
4.1 Why are you creating the document?
4.1.1 Legal purposes
4.1.2 Marketing purposes
4.1.3 Organizational purposes
4.2 Who is your audience?
4.3 Categories and examples of documentation
4.3.1 Other labels, e.g., policies
4.4 Notices
4.4.1 To whom do you have to issue notices?
4.4.2 Who should issue notices -- service provider or customer?
4.4.3 Which topics do you typically have to address in privacy notices?
4.4.4 Form and delivery requirements
4.5 Consent
4.6 How to obtain valid consent
4.7 Opt-in, out and in between
4.7.1 Examples of consent mechanisms
4.7.2 Minimum requirements
4.7.3 Selecting implementation options
4.7.4 Silence as consent
4.7.5 Affirmative, express consent
4.8 Above and beyond opt-in consent
4.9 Other considerations for consent drafting
4.9.1 Incorporation of notices into consent declarations
4.9.2 Expressing focused consent
4.9.3 Placement of consent mechanism and declaration
4.9.4 Who should obtain consent -- data controller or processor?
4.10 Agreements
4.10.1 Agreements with data subjects vs. consent from data subjects
4.10.2 Asking for an express acceptance of website privacy statements or general privacy notices
4.10.3 Agreements instead of consent
4.10.4 Commercial agreements between companies
4.10.5 Terms for data processing services agreements
4.11 Protocols
4.12 Questionnaires and data submission forms
4.13 Documenting decisions and compliance efforts
4.14 Government notifications, approvals
5 Maintaining and auditing data privacy compliance programs
5.1 The maintenance challenge
5.2 Documentation
5.3 Taking over or auditing an existing compliance program
5.4 Due diligence in M&A scenarios
5.4.1 Due diligence on service providers and vendors
6 Data privacy A--Z
  Advertising
  Big data, data brokers and the Internet of everything
  Cloud computing
  Data retention
  Employee data and monitoring
  Financial information
  Government investigations, information requests
  Health information
  Information processing fairness -- FIPs
  Jurisdiction
  K -- Contracts
  Location data
  Minors
  Notification of data security breaches and other notices and notifications
  Ownership
  Privacy by design
  Questionnaires
  Rights, remedies, enforcement
  Social media
  Tracking
  Unsolicited communications (spam email, cold calls, etc.)
  Vendor management
  Wiretapping
  X-rays, genes, fingerprints, faces -- biometric data
  Y -- Why protect data privacy?
  Zip codes, IP addresses and other numbers
Checklist
Resources
Abbreviations
Index

Lothar Determann, Baker & McKenzie LLP, Palo Alto, USA; Freie Universität Berlin, Germany; University of California, Berkeley School of Law, USA