eDiscovery Daily Blog

The Sedona Conference Has Published the Final Version of its Data Privacy Primer: eDiscovery Best Practices

With the Microsoft Ireland case being argued before SCOTUS on February 27 and the General Data Protection Regulation (GDPR) going into effect in May (click here to register for our next webcast on that topic), it’s a big year for data privacy.  In keeping with that theme, The Sedona Conference® (TSC) has published the final version of a primer to help with this growing issue.

Last week, TSC and its Working Group 11 on Data Security and Privacy Liability (WG11) rolled out the final version of its new Data Privacy Primer, almost exactly a year after rolling out the public comment version.  This final version contains several updates following thorough consideration of the public comments submitted between January and April 2017.

WG11 developed the Data Privacy Primer to provide a practical framework and guide to basic privacy issues in the United States and to identify key considerations and resources, including key privacy concepts in federal and state law, regulations, and guidance.

As we noted last year, the Primer is “intended to provide a practical framework and guide to basic privacy issues in the United States and to identify key considerations and resources, including key privacy concepts in federal and state law, regulations, and guidance.”  The TSC notes that it focuses on privacy laws in the U.S. in this Primer and that global privacy laws are outside the scope of its coverage. It also focuses primarily on privacy issues arising under civil rather than criminal law (though criminal law implications are addressed “at various points” in the Primer).

The Primer covers topics ranging from Common Law of Privacy to Federal and State Government Laws and Act regarding privacy policies and protections to discussions of general consumer protection, health (including HIPAA) and financial protections.  It also discusses Workplace and Student privacy considerations which ranges from discussions about use of company equipment and email and bring your own device (BYOD) policies in the workplace and privacy protections for educational records.  Apparently, there were a lot of public comments, because the PDF file for the Primer has ballooned up to a whopping 175 pages (from 115 for the public comment version).  So, it’s not exactly “light” reading for a weighty topic.  :o)

So, what do you think?  How does your organization address data privacy?  Please share any comments you might have or if you’d like to know more about a particular topic.

Sponsor: This blog is sponsored by CloudNine, which is a data and legal discovery technology company with proven expertise in simplifying and automating the discovery of data for audits, investigations, and litigation. Used by legal and business customers worldwide including more than 50 of the top 250 Am Law firms and many of the world’s leading corporations, CloudNine’s eDiscovery automation software and services help customers gain insight and intelligence on electronic data.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

print