Hello Friends,
Enforcement of Thailand’s Personal Data Protection Act started on June 1st.
In another part of the world, India’s Ministry of Electronics and Information Technology is seeking public input on the draft National Data Governance Framework Policy that intends to enhance access, quality, and use of data,
This news and more, in this fortnights' Data Privacy Insights- curated privacy news from across the globe.
Enjoy reading!
Data Breach
Data Breach Affects Hundreds of Canadian Federal Government Employees Claiming Pay Damages
Hundreds of Canadian federal government employees had their privacy breached after the Treasury Board of Canada Secretariat sent a mass email containing personal information to those claiming Phoenix pay damages to the department.
Breach of Massachusetts Health Care Organization Impacts 2M
Shields Health Care says it is investigating a data security breach that may have impacted 56 health care facilities and their patients. Shields based in Quincy, Massachusetts, provides management and imaging services for health care facilities.
Shields said in a statement posted on its website that it "became aware of suspicious activity" on its network on March 28 and launched an investigation to determine the full scope of the incident.
Regulations
Enforcement of Thailand’s Personal Data Protection Act Begins
Enforcement of Thailand’s Personal Data Protection Act starts June 1, the Bangkok Post reports. A survey by the Thai Board of Trade and the University of the Thai Chamber of Commerce found of nearly 4,000 businesses surveyed, 8% have taken steps toward compliance, while 31% have not begun the process.
MEITY Invites Feedback and Inputs on Draft National Data Governance Framework Policy
India’s Ministry of Electronics and Information Technology is seeking public input on the draft National Data Governance Framework Policy. The policy’s intent is to enhance access, quality, and use of data, in keeping with current and emerging technological needs. The deadline to submit feedback is 18th June.
Minnesota Passes Student Privacy Bill
Minnesota passed a student privacy bill governing educational data. The bill is effective for the 2022-23 school year and beyond. The bill states that technology providers do not own any educational data created, obtained, or shared through a contract with an educational institution. It further emphasizes that the technology providers cannot use the data for any commercial purpose, including marketing or advertising; and cannot access or monitor a device’s location-tracking feature, audio or visual recordings, and web-browsing activity. The bill also states parents must be notified of any curriculum, testing or assessment affecting a student’s educational data.
Maryland Enacts Personal Information Protection Act
Maryland enacted the Personal Information Protection Act; legislation aiming to protect Maryland consumers’ personal identifying information and ensure they are notified in the event it is compromised.
The legislation “contains provisions for notification of consumers in the event of a data security breach and for reasonable security measures to protect consumers’ personal identifying information.