This is Part 2 in a series of articles on the European Health Data Space (“EHDS“).  Part 1, which provides a general overview of the EHDS, is available here.

Alongside the better-known provisions of the EHDS dealing with secondary use of health data, the draft Regulation also sets out specific technical requirements

Continue Reading Requirements of EHR systems under the European Health Data Space

The UK has made several consequential amendments to its primary electronic surveillance law, the Investigatory Powers Act (“IPA”). These changes have the potential to impact the development of certain privacy-enhancing services by technology companies, whilst also widening the scope of the government’s access to certain electronic datasets. There is also the possibility of

Continue Reading UK: Changes to UK surveillance and communications law: the Investigatory Powers (Amendment) Act 2024.

In the rapid development of artificial intelligence (“AI”), regulators are playing catch up in creating frameworks to aid and regulate its development.

As the AI landscape begins to mature, different jurisdictions have begun to publish guidance and frameworks. Most recently, on 11 June 2024, Hong Kong’s Office of the Privacy Commissioner for Personal Data (“

Continue Reading HONG KONG: Artificial Intelligence – Model Personal Data Protection Framework

In March 2024, the Council of the European Union and the European Parliament reached a deal on a provisional agreement for the European Health Data Space (“EHDS”) regulation as part of the broader EU data strategy. The Council of the European Union published the compromise text of this agreement as a work-in-progress, providing

Continue Reading The European Health Data Space – What lies ahead?

The Data Protection Commission (DPC) has published its 2023 Annual Report, highlighting a record year with DPC fines accounting for 87% of all GDPR fines issued across the EU. A busy year for the DPC also saw a 20% increase in reported personal data breaches as Helen Dixon steps down after 10 years in

Continue Reading Ireland: DPC Issues Record 87% of EU GDPR Fines in 2023; Breach Reports Increase by 20%

Disclaimer: This article first appeared in the June 2024 issue of PLC Magazine, and is available at http://uk.practicallaw.com/resources/uk-publications/plc-magazine.

In order to capture the benefits of data-driven innovation, the EU and the UK are taking action to facilitate data sharing across various industries.

In the EU, the European Commission is investing €2

Continue Reading EU/UK: Data-Sharing Frameworks – A State of Play in the EU and the UK

In the UK, there is currently heightened regulatory scrutiny and increased public interest in children’s data protection and online harm, with a raft of new guidance and regulation from both the ICO and Ofcom, the chief regulator of the Online Safety Act, in relation to children’s safety online. 

Since the introduction of the ICO’s Children’s

Continue Reading UK: ICO and Ofcom approach to regulation of online services

The next steps in Australia’s long bubbling reform of the privacy regime has been announced, with draft legislation expected to be tabled by August 2024. The reform is being presented as part of the Federal Government’s efforts to improve online safety, particularly for women, but it’s not clear how broad its remit will be at

Continue Reading Australia: Privacy Act Updates Expected in August 2024

On Monday 29 April, new cyber security requirements entered into force in the United Kingdom.  They apply to connected products sold to consumers and place obligations on the manufacturers, importers and distributors of those products.

Background

The Product Security and Telecommunications Infrastructure (Security Requirements for Relevant Connectable Products) Regulations 2023 (Regulations) are the

Continue Reading UK: New cyber security requirements for consumer products

On April 4, 2024, Kentucky Governor Andy Beshear signed House Bill 15, an act related to Kentucky consumer data privacy (“KCDPA”). Kentucky now joins the expanding list of states with comprehensive state privacy legislation, with the KCDPA set to take effect January 1, 2026.

Scope

The KCDPA applies to entities conducting business in Kentucky

Continue Reading US: Kentucky Legislature Passes Comprehensive State Privacy Law