Publications

Two key pieces of legislation govern AI solutions in the EU: the Artificial Intelligence Act (AI Act) and the General Data Protection Regulation (GDPR). Concepts such as automated individual decision-making, explainability, and transparency from GDPR are vital in the context of AI. Additionally, data controllers and processors may face new responsibilities based on their roles under the AI Act and the associated risk level of the AI systems they develop or use.

Curious about the latest developments in digital privacy and regulation? Our whitepaper, “E-Privacy Unveiled: Decoding the Regulatory Realm of ePR”, provides an in-depth look into the upcoming e-Privacy Regulation (ePR) from the European Union. This comprehensive guide is a must-read for anyone looking to understand how the e-Privacy Regulation will transform the protection of electronic communications and what it means for your organization.

In the complex world of healthcare and data protection, the Health Insurance Portability and Accountability Act (HIPAA) provides crucial guidelines for safely handling patient data. Our latest whitepaper, authored by experts Johan Martens, Emine Bilsin, and Deniz Naz Kaya, offers in-depth analyses and practical advice for navigating the challenges and opportunities HIPAA presents.

Are you ready to tackle the challenges of GDPR compliance in your clinical trials? Our latest whitepaper, “Five Crucial Steps Towards a GDPR Proof Clinical Trial”, offers an in-depth look at the essential steps your organization must take to meet the stringent requirements of the GDPR.

Due to globalization and rapid technological developments, the distances between countries and continents are becoming smaller and smaller. As a result, the personal data of millions of people are part of multiple international data transfers in different time zones and continents almost every second of the day.

Privacy by Design (or “PbD”) originated in the early 1990s and is an engineering and strategic management approach that allows you to selectively and sustainably minimize information system’s privacy risks through technical and organizational controls. Since the introduction of the GDPR, the philosophy of PbD is also reflected in article 25, requiring organizations as data controllers to implement data protection by design and by default.

Self-driving cars, connecting your smartphone to your vehicle, updating software remotely, automatic route planning based on real-time conditions, or commanding your car to park itself. These are just a few examples of technology we rely on in connected vehicles today. Our Data Privacy Expert, Dounia van de Weerd ‑ Skalli, delves into all the privacy issues related to connected vehicles and provide a useful guideline for GDPR-compliance.

What kind of measures do organizations from outside Europe need within the context of privacy and data protection, when deciding to do business in Europe? One key aspect is the GDPR or General Data Protection Regulation. But when your company is not located in the European Union, why should the GDPR apply to you? This is an interesting question that we will discuss in this white paper. Looking from a distance it seems obvious that when you are, for example, based in the United States, you are not captured by the GDPR, since you are not a European company. But is this really true? The answer, like many in the field of law is: It depends.