DataPrivacy CMO Kohei Kurihara’s Post

Learn it. Austria: The limits of privacy in the world of work: Are employers allowed to read their employees' emails? https://buff.ly/4aoAtZq #tech #digital #data #privacy

The Information Commissioner's Office published guidance for employers on monitoring workers transparently and fairly. With the increasing use of Artificial Intelligence in the workplace, employers may be tempted to leverage these emerging technologies. Learn more about the ICO's guidance in K&L Gates' latest Privacy alert: Employment Practices and Data Protection: Monitoring Workers 101 with Sophie Levitt. Stay compliant and build trust with your employees, customers, and service users. #DataProtection #Privacy #ArtificialIntelligence #Compliance #UKGDPR #Compliance

Do your recruitment processes prioritize informed consent and compliance with data privacy regulations? Learn through Norah Wallace's journey, about the importance of navigating privacy regulations effectively. From managing data retention to conducting social media checks and health inquiries, Norah's experiences prompt critical discussions on data protection practices. We provide expert advice on addressing candidate concerns, ensuring transparency, and maintaining compliance with relevant laws. Read more about Norah’s journey: https://lnkd.in/dSPQzPad. #HR #DataPrivacy #RecruitmentCompliance #PrivIQ

Just finished reading an insightful article about the growing impact of data privacy laws on both consumers and employees. With new regulations constantly emerging, it's not just about compliance anymore—it’s about building trust. Consumers are more aware than ever of their rights, and employees are becoming increasingly conscious of how their personal data is handled. From my experience, it's essential for organisations to move beyond mere checkbox compliance and foster a culture of privacy. This involves transparent communication, continuous education, and putting systems in place that genuinely protect personal data. One thing I’d stress is the importance of making data privacy a core part of your company’s values, not just a legal obligation. It’s about respecting the individuals behind the data and ensuring they feel safe and secure. Would love to hear your thoughts on how your organisations are navigating these challenges! #DataPrivacy #Compliance #Trust #CorporateCulture https://lnkd.in/eYP2D5d7

📧⚖️ Navigating the terrain of accessing employee emails demands a nuanced approach, striking a delicate balance between business needs and privacy rights. In an article by our colleague Tania Vanessa Eslava Suárez, she explores the complexities involved in the light of personal data protection. Corporate emails, considered by some as fair game, are laden with personal data triggering the full spectrum of GDPR regulations. Drawing insights from European authority decisions, the article provides lessons and cautions. It underscores the importance of transparency, a solid legal basis, data minimization, and tailored policies to navigate this high-impact processing activity while respecting employee privacy. A must-read for businesses navigating the intricate GDPR landscape! 🌐🔍 #GDPR #DataPrivacy #EmployeeRights Read the full article here: https://lnkd.in/enxUth4H

_____EX-EMPLOYEES AND THEIR PERSONAL DATA______ Disgruntled employees, annoying data principal requests and privacy cases. These are some things which companies will have to think about lest face a nightmare. Earlier a grief-stricken employee could not have done anything other than put a shaming post on LinkedIn, but here comes a new law, the Digital Personal Data Protection Act, 2023. Companies to think what they do to an ex-employee’s personal data Companies are in a habit of retaining extensive personal data. A person’s name, address, phone number, medical details, last drawn salary to name a few. Earlier, no one gave a second thought to piles of personal data, lying in companies’ systems. Possibly because ‘Right to privacy’ was not recognized in India and generally privacy awareness has been low. But since the DPDPA has been passed by the Indian Parliament, there are compliances. Companies post DPDPA The new privacy law mandates that anyone taking personal data has to follow these general rules which can be explained through these examples- ·     Take consent from employees while processing their personal data. There are exemptions here, but those are applicable only for current employees. ·     An ex-employee can request for his personal data to be erased or modified. ·     Ex- employee can also request for any processing taking place with their personal data to be halted. ·     Ex-employee can also request for access to his personal data. This means company will have to explain in a consolidated form as to what personal data do they have of the ex-employee and any data that they may be sharing with third parties. How this can become a nightmare for companies Companies are not used to dealing with ex-employees. Generally ex-employees are ‘ex’ so when they leave, there is a halt in relationship between their and companies relationship. But if the company holds on to an ex-employees personal data in any way then they are subject to compliances. And non-adhrerence will have consequences. Consequences as large as Rs. 50 crores. Disgruntled or grief stricken employees may use this right and pose legal requests to the employer. If the employer has not acted on its privacy compliances then they may not be able to adhere to an ex-employees requests. When the law is fully operationalized, companies will have to acknowledge ex-employees requests in a timely manner and respond with actual results. Not doing it can trigger a law suit very easily. How companies should safeguard themselves? To safeguard itself, companies will have to act more seriously on their DPDPA compliances or else they may find themselves in middle of many privacy law suits. Companies will have to implement privacy inside their organization, build policies and SPO’s. This process is known as Data Protection Impact Assessment. Only if they are actually serious will they be able to manoeuvre through the precipitous slopes. #DPDPA #Personaldata #Privacy

For years, #HR dodged the data privacy bullet. However, with the passage of new state consumer data privacy laws the debate as to whether #employment data should be treated the same as #consumer (customer) data has been more than re-kindled, it’s now the law. This article shows dives deeper on exactly who is covered by these laws, the seven new #employee #privacy rights, and operational steps to begin your workplace #data privacy program. https://bit.ly/3ujJN0Y

What does the Digital Personal Data Protection (DPDP) Act, 2023 signify for employee data protection in the workplace? In my latest blog, I explore India’s evolving privacy landscape, obligations of employers and the challenges it may pose for them, as the new law gets enforced.  ➡ Employers are data fiduciaries under the DPDP Act and are accountable for protecting their employees’ digital personal data. ➡ The law empowers employees with a set of rights over their personal data. They will also have a mechanism for redressing grievances against their employers. ➡ Employees’ personal data can be processed on two grounds – legitimate use cases or consent. Both have different implications and need to be evaluated carefully.  ➡ Organisations need to pay close attention to all their internal and external data flows. Major risks could arise due to data sharing among group companies or outsourcing data to third parties. ➡ Failure to establish reasonable security safeguards to prevent personal data breaches could result in penalties up to INR 250 cr. These are early days for the privacy regime in India and people will be a key aspect of data governance in any organisation. There is much that can be done to prepare for the new law till the Rules under it get notified. I discuss how organisations can assess their data protection risks and build a privacy-oriented culture in the months leading up to enforcement of the law. The blog is up on the DeepStrat website. Click on this link to read more - https://lnkd.in/gYvKHJ5A Saikat Datta | Anand Venkatanarayanan #dpdp #dataprotection #privacy #employeedata

As workplace technology evolves, so too does the landscape of legal obligations to protect employee data. With states increasingly enacting privacy laws that extend to employee data, employers must stay vigilant and proactive to ensure compliance and protect their businesses from potential legal repercussions. This has been highlighted in an article by Corporate Compliance Insights. Find below some recommendations that by implementing, employers can better navigate the complexities of employee data privacy, ensuring both compliance with the law and the trust of their employees. In the modern digital workplace, a proactive approach to data privacy is not just a legal requirement—it's a cornerstone of ethical business practice. #compliance #dataprivacy https://lnkd.in/eu-ttRtP

Caught in the delicate balance between stakeholder interests and data protection standards... ... a Privacy Officers play a crucial role in navigating the challenges that come with it. In an insightful article, Aldila Irsyad, explores strategies for Privacy Officers to influence stakeholders and meeting data protection obligations at the same time in three parts. 1️⃣ Draw the Line: Assessing Risks Effectively That is establish the organization's risk appetite before engaging with stakeholders, considering legal requirements, enforcement trackers, and evaluating reputational and financial risks. 2️⃣ Understand Goals, Not Just Systems Comprehensive understanding of a processing activity's specific purposes is essential, since knowing individual stakeholder goals is crucial to understanding any reluctance or rejection of advice. 3️⃣ Position Yourself as a Helper, Not a Hurdle Privacy Officers should position themselves as allies in achieving stakeholders' goals, by bridging gaps and simplify complex processes, ensuring a collaborative approach. 🚀 Read the full article by Aldila Irsyad for a deeper dive into these strategic approaches: https://hubs.la/Q02lVWxs0 #Privacy #DataProtection #Compliance #StakeholderInfluence