{"id":1536,"date":"2022-01-26T10:47:03","date_gmt":"2022-01-26T16:47:03","guid":{"rendered":"https:\/\/www.bbrown.com\/?post_type=insight&#038;p=1536"},"modified":"2022-04-11T10:30:17","modified_gmt":"2022-04-11T15:30:17","slug":"annual-data-privacy-regulatory-updates","status":"publish","type":"insight","link":"https:\/\/www.bbrown.com\/us\/insight\/annual-data-privacy-regulatory-updates\/","title":{"rendered":"Annual Data Privacy Regulatory Updates"},"content":{"rendered":"<div class=\"wpb-content-wrapper\"><p>[vc_row row_style=&#8221;page-hero&#8221; full_width=&#8221;stretch_row_content&#8221;][vc_column]\n\t<div class=\"hero hero--wrap    \">\n\n\t\t<div class=\"hero--background-image hero--background-image-blur\">\n\t\t\t<div class=\"hero--overlay\"><\/div>\n\t\t\t\t\t\t\t<div class=\"hero-background\" style=\"background: url(https:\/\/www.bbrown.com\/wp-content\/uploads\/2022\/01\/WP_Annual-Data-Privacy-Regulatory-Updates_Website-Graphic.jpg) center center no-repeat; background-size: cover;\"><\/div>\n\t\t\t\t\t<\/div>\n\n\t\t<div class=\"hero--container\">\n\t\t\t<div class=\"container\">\n\t\t\t\t<div class=\"hero--inner width-100\">\n\n\t\t\t\t\t\n  <div class='content-heading  100%  '>\n    <p class='text-white subheading'>White Paper<\/p>\n    <h1 class='text-white    '>\n      Annual Data Privacy Regulatory Updates\n    <\/h1>\n\t\n  <\/div>\t\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t<\/div>\n\t\t<\/div>\n\n\t<\/div>\n\n\t\n[\/vc_column][\/vc_row][vc_row][vc_column width=&#8221;2\/3&#8243;]\n  <div class='content-heading  100% content-heading--ruled '>\n    \n    <h1 class='text-brand-dark-blue    h2'>\n      Annual Data Privacy Regulatory Updates\n    <\/h1>\n\t\n  <\/div>[vc_column_text]<\/p>\n<h3>Introduction<\/h3>\n<p>While various ransomware attacks have been monopolizing recent headlines, it is critical to remember that data breaches are the baseline to cyber losses. As of Sept. 30, 2021, the number of publicly reported data breaches, year-to-date, had already exceeded the total number of breaches reported for the entirety of 2020. From both a regulatory and consumer-obligation perspective, organizations and their management teams should remain informed about developments to both novice and existing data privacy rules and regulations. This piece intends to provide customers with an update on data privacy regulations from an international and domestic standpoint.<\/p>\n<h3>Data Privacy Regulation Update<\/h3>\n<h4>European Union (EU) &#8211; General Data Protection Regulation<\/h4>\n<p>Since the spring of 2018, the General \u00a0Data \u00a0Protection \u00a0Regulation (GDPR) has served as the primary legislative mechanism regulating how companies protect citizens&#8217; \u00a0personal data of the European \u00a0Union (EU). \u00a0The introduction of the GDPR bolstered the EU&#8217;s commitment to addressing \u00a0&#8220;privacy&#8221; as a fundamental human right; the EU \u00a0now possesses some of the strictest data privacy and protection laws worldwide.<\/p>\n<p>During the summer of 2021, the European Commission published novice Standard \u00a0Contractual \u00a0Clauses (SCCs) \u00a0regarding the transfer of personal data from the EU to third-party countries outside of EU jurisdiction, such as the United \u00a0States. However, there was one jurisdictional exception: \u00a0post-Brexit, the SCCs do not apply to transfers of personal data from the United \u00a0Kingdom.<\/p>\n<p>While the previous SCCs only stipulated specific requirements for controller-to-controller and controller-to-processor transfers, the SCCs introduced in \u00a0June 2021 stipulate requirements for those as well as transfers between processor-to-sub-processors and processors-to-controllers. The new guidelines contain novice requirements for data importers or controllers and processors located beyond the borders of the EU. \u00a0They are required for all new transfer agreements entered on or after Sept. 27, 2021. Agreements already in effect must be replaced with the new secs by Dec. 22, 2022.<\/p>\n<p>The new SCCs require data importers to confirm they will only disclose personal data to third parties outside of EU jurisdiction if such a \u00a0party has agreed to be bound by the terms of the clauses <strong><em>or <\/em><\/strong>that a \u00a0specific legal exemption applies. Since previous guidance explained that exemptions are not permitted for systemic transfers of personal data, a \u00a0data importer must now ensure that any party involved in processing the data, this includes any potential sub-processor, has also signed and agreed to the updated secs.<\/p>\n<p>With the novel SCCs, it is no longer necessary for organizations to enter into separate data processing agreements to comply with \u00a0<a href=\"https:\/\/gdpr-info.eu\/art-28-gdpr\/\" target=\"_blank\" rel=\"noopener\">Article 28 of the GDPR<\/a>. Article \u00a028 requires data controllers to ensure they only appoint data processors capable of providing \u00a0&#8220;sufficient guarantees&#8221; of their intent and abilities to implement the terms set forth by the GDPR. The Article also requires data processing to be conducted pursuant to a contract, \u00a0making it a violation of the regulation for controllers and processors to fail to enter a written data-processing contract. \u00a0Modules Two and Three of the new clauses contain the requirements articulated within \u00a0Article \u00a028; therefore, for controller\u2022 to-processor and processor-to-processor data transfers, supplementary data processing agreements are no longer imperative.<\/p>\n<p>The new clauses also contain a \u00a0&#8220;docking clause&#8221;. While the previously utilized \u00a0SCCs were devised for two-party contracts, the new provisions allow for execution by multiple parties. The &#8220;docking clause&#8221; permits and highlights the process of adding additional parties to the SCCs during a contract&#8217;s lifetime.[\/vc_column_text]\t<div class='wpb_content_element text-left btn-container'>\n\t\t\t\t\t<a class='btn btn-brand-green  '\n\t\t\t\thref='https:\/\/www.bbrown.com\/wp-content\/uploads\/2022\/01\/White-Paper-\u2013-Annual-Data-Privacy-Regulatory-Updates-\u2013-Brown-Brown.pdf' target='_blank' data-toggle=''>\n\t\t\t\t<span class=\"btn-text-color--default\">Continue Reading<\/span>\n\t\t\t<\/a>\n\t\t\t<\/div>\n[\/vc_column][vc_column width=&#8221;1\/3&#8243;][vc_single_image image=&#8221;986&#8243; alignment=&#8221;center&#8221;][vc_separator border_width=&#8221;2&#8243; el_width=&#8221;60&#8243;][vc_column_text]<\/p>\n<h6 style=\"text-align: center;\">by Nina Nisanova<\/h6>\n<p style=\"text-align: center;\">and the Specialty Risk Solutions Cyber Risk team<\/p>\n<p>[\/vc_column_text]\t<div class='wpb_content_element text-center btn-container'>\n\t\t\t\t\t<a class='btn btn-brand-dark-blue  '\n\t\t\t\thref='\/us\/contact\/contact-general\/' target='' data-toggle=''>\n\t\t\t\t<span class=\"btn-text-color--default\">Connect Now<\/span>\n\t\t\t<\/a>\n\t\t\t<\/div>\n[\/vc_column][\/vc_row]<\/p>\n<\/div>","protected":false},"excerpt":{"rendered":"<p>[vc_row row_style=&#8221;page-hero&#8221; full_width=&#8221;stretch_row_content&#8221;][vc_column][\/vc_column][\/vc_row][vc_row][vc_column width=&#8221;2\/3&#8243;][vc_column_text] Introduction While various ransomware attacks have been monopolizing recent headlines, it is critical to remember that data breaches are the baseline to cyber losses. As of [&hellip;]<\/p>\n","protected":false},"author":66,"featured_media":1537,"template":"","meta":{"_acf_changed":false,"inline_featured_image":false,"footnotes":""},"insight_category":[34],"class_list":["post-1536","insight","type-insight","status-publish","has-post-thumbnail","hentry","insight_category-property-casualty"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v27.0 (Yoast SEO v27.4) - https:\/\/yoast.com\/product\/yoast-seo-premium-wordpress\/ -->\n<title>Annual Data Privacy Regulatory Updates - Brown &amp; Brown<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.bbrown.com\/us\/insight\/annual-data-privacy-regulatory-updates\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Annual Data Privacy Regulatory Updates\" \/>\n<meta property=\"og:description\" content=\"[vc_row row_style=&#8221;page-hero&#8221; full_width=&#8221;stretch_row_content&#8221;][vc_column][\/vc_column][\/vc_row][vc_row][vc_column width=&#8221;2\/3&#8243;][vc_column_text] Introduction While various ransomware attacks have been monopolizing recent headlines, it is critical to remember that data breaches are the baseline to cyber losses. As of [&hellip;]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.bbrown.com\/us\/insight\/annual-data-privacy-regulatory-updates\/\" \/>\n<meta property=\"og:site_name\" content=\"Brown &amp; Brown\" \/>\n<meta property=\"article:modified_time\" content=\"2022-04-11T15:30:17+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.bbrown.com\/wp-content\/uploads\/2022\/01\/WP_Annual-Data-Privacy-Regulatory-Updates_Website-Graphic.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1000\" \/>\n\t<meta property=\"og:image:height\" content=\"750\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data1\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.bbrown.com\\\/us\\\/insight\\\/annual-data-privacy-regulatory-updates\\\/\",\"url\":\"https:\\\/\\\/www.bbrown.com\\\/us\\\/insight\\\/annual-data-privacy-regulatory-updates\\\/\",\"name\":\"Annual Data Privacy Regulatory Updates - Brown &amp; Brown\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.bbrown.com\\\/us\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.bbrown.com\\\/us\\\/insight\\\/annual-data-privacy-regulatory-updates\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.bbrown.com\\\/us\\\/insight\\\/annual-data-privacy-regulatory-updates\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.bbrown.com\\\/wp-content\\\/uploads\\\/2022\\\/01\\\/WP_Annual-Data-Privacy-Regulatory-Updates_Website-Graphic.jpg\",\"datePublished\":\"2022-01-26T16:47:03+00:00\",\"dateModified\":\"2022-04-11T15:30:17+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.bbrown.com\\\/us\\\/insight\\\/annual-data-privacy-regulatory-updates\\\/#breadcrumb\"},\"inLanguage\":\"us\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.bbrown.com\\\/us\\\/insight\\\/annual-data-privacy-regulatory-updates\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"us\",\"@id\":\"https:\\\/\\\/www.bbrown.com\\\/us\\\/insight\\\/annual-data-privacy-regulatory-updates\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.bbrown.com\\\/wp-content\\\/uploads\\\/2022\\\/01\\\/WP_Annual-Data-Privacy-Regulatory-Updates_Website-Graphic.jpg\",\"contentUrl\":\"https:\\\/\\\/www.bbrown.com\\\/wp-content\\\/uploads\\\/2022\\\/01\\\/WP_Annual-Data-Privacy-Regulatory-Updates_Website-Graphic.jpg\",\"width\":1000,\"height\":750},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.bbrown.com\\\/us\\\/insight\\\/annual-data-privacy-regulatory-updates\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.bbrown.com\\\/us\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Insights\",\"item\":\"https:\\\/\\\/www.bbrown.com\\\/us\\\/news-events\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Annual Data Privacy Regulatory Updates\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.bbrown.com\\\/us\\\/#website\",\"url\":\"https:\\\/\\\/www.bbrown.com\\\/us\\\/\",\"name\":\"Brown &amp; Brown\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.bbrown.com\\\/us\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.bbrown.com\\\/us\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"us\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.bbrown.com\\\/us\\\/#organization\",\"name\":\"Brown &amp; Brown\",\"url\":\"https:\\\/\\\/www.bbrown.com\\\/us\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"us\",\"@id\":\"https:\\\/\\\/www.bbrown.com\\\/us\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.bbrown.com\\\/wp-content\\\/uploads\\\/2021\\\/12\\\/cropped-BBRetail002-RGBrevs.png\",\"contentUrl\":\"https:\\\/\\\/www.bbrown.com\\\/wp-content\\\/uploads\\\/2021\\\/12\\\/cropped-BBRetail002-RGBrevs.png\",\"width\":1000,\"height\":136,\"caption\":\"Brown &amp; Brown\"},\"image\":{\"@id\":\"https:\\\/\\\/www.bbrown.com\\\/us\\\/#\\\/schema\\\/logo\\\/image\\\/\"}}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"Annual Data Privacy Regulatory Updates - Brown &amp; Brown","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.bbrown.com\/us\/insight\/annual-data-privacy-regulatory-updates\/","og_locale":"en_US","og_type":"article","og_title":"Annual Data Privacy Regulatory Updates","og_description":"[vc_row row_style=&#8221;page-hero&#8221; full_width=&#8221;stretch_row_content&#8221;][vc_column][\/vc_column][\/vc_row][vc_row][vc_column width=&#8221;2\/3&#8243;][vc_column_text] Introduction While various ransomware attacks have been monopolizing recent headlines, it is critical to remember that data breaches are the baseline to cyber losses. As of [&hellip;]","og_url":"https:\/\/www.bbrown.com\/us\/insight\/annual-data-privacy-regulatory-updates\/","og_site_name":"Brown &amp; Brown","article_modified_time":"2022-04-11T15:30:17+00:00","og_image":[{"width":1000,"height":750,"url":"https:\/\/www.bbrown.com\/wp-content\/uploads\/2022\/01\/WP_Annual-Data-Privacy-Regulatory-Updates_Website-Graphic.jpg","type":"image\/jpeg"}],"twitter_card":"summary_large_image","twitter_misc":{"Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/www.bbrown.com\/us\/insight\/annual-data-privacy-regulatory-updates\/","url":"https:\/\/www.bbrown.com\/us\/insight\/annual-data-privacy-regulatory-updates\/","name":"Annual Data Privacy Regulatory Updates - Brown &amp; Brown","isPartOf":{"@id":"https:\/\/www.bbrown.com\/us\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.bbrown.com\/us\/insight\/annual-data-privacy-regulatory-updates\/#primaryimage"},"image":{"@id":"https:\/\/www.bbrown.com\/us\/insight\/annual-data-privacy-regulatory-updates\/#primaryimage"},"thumbnailUrl":"https:\/\/www.bbrown.com\/wp-content\/uploads\/2022\/01\/WP_Annual-Data-Privacy-Regulatory-Updates_Website-Graphic.jpg","datePublished":"2022-01-26T16:47:03+00:00","dateModified":"2022-04-11T15:30:17+00:00","breadcrumb":{"@id":"https:\/\/www.bbrown.com\/us\/insight\/annual-data-privacy-regulatory-updates\/#breadcrumb"},"inLanguage":"us","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.bbrown.com\/us\/insight\/annual-data-privacy-regulatory-updates\/"]}]},{"@type":"ImageObject","inLanguage":"us","@id":"https:\/\/www.bbrown.com\/us\/insight\/annual-data-privacy-regulatory-updates\/#primaryimage","url":"https:\/\/www.bbrown.com\/wp-content\/uploads\/2022\/01\/WP_Annual-Data-Privacy-Regulatory-Updates_Website-Graphic.jpg","contentUrl":"https:\/\/www.bbrown.com\/wp-content\/uploads\/2022\/01\/WP_Annual-Data-Privacy-Regulatory-Updates_Website-Graphic.jpg","width":1000,"height":750},{"@type":"BreadcrumbList","@id":"https:\/\/www.bbrown.com\/us\/insight\/annual-data-privacy-regulatory-updates\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.bbrown.com\/us\/"},{"@type":"ListItem","position":2,"name":"Insights","item":"https:\/\/www.bbrown.com\/us\/news-events\/"},{"@type":"ListItem","position":3,"name":"Annual Data Privacy Regulatory Updates"}]},{"@type":"WebSite","@id":"https:\/\/www.bbrown.com\/us\/#website","url":"https:\/\/www.bbrown.com\/us\/","name":"Brown &amp; Brown","description":"","publisher":{"@id":"https:\/\/www.bbrown.com\/us\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.bbrown.com\/us\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"us"},{"@type":"Organization","@id":"https:\/\/www.bbrown.com\/us\/#organization","name":"Brown &amp; Brown","url":"https:\/\/www.bbrown.com\/us\/","logo":{"@type":"ImageObject","inLanguage":"us","@id":"https:\/\/www.bbrown.com\/us\/#\/schema\/logo\/image\/","url":"https:\/\/www.bbrown.com\/wp-content\/uploads\/2021\/12\/cropped-BBRetail002-RGBrevs.png","contentUrl":"https:\/\/www.bbrown.com\/wp-content\/uploads\/2021\/12\/cropped-BBRetail002-RGBrevs.png","width":1000,"height":136,"caption":"Brown &amp; Brown"},"image":{"@id":"https:\/\/www.bbrown.com\/us\/#\/schema\/logo\/image\/"}}]}},"_links":{"self":[{"href":"https:\/\/www.bbrown.com\/us\/wp-json\/wp\/v2\/insight\/1536","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.bbrown.com\/us\/wp-json\/wp\/v2\/insight"}],"about":[{"href":"https:\/\/www.bbrown.com\/us\/wp-json\/wp\/v2\/types\/insight"}],"author":[{"embeddable":true,"href":"https:\/\/www.bbrown.com\/us\/wp-json\/wp\/v2\/users\/66"}],"version-history":[{"count":0,"href":"https:\/\/www.bbrown.com\/us\/wp-json\/wp\/v2\/insight\/1536\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.bbrown.com\/us\/wp-json\/wp\/v2\/media\/1537"}],"wp:attachment":[{"href":"https:\/\/www.bbrown.com\/us\/wp-json\/wp\/v2\/media?parent=1536"}],"wp:term":[{"taxonomy":"insight_category","embeddable":true,"href":"https:\/\/www.bbrown.com\/us\/wp-json\/wp\/v2\/insight_category?post=1536"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}