Hiroyasu Kageshima’s webinar titled “Matters to Note in Business Operations under the Amended Personal Information Protection Act Based on the Guidelines” became available online.
The outline of the lecture is as follows:
Host: PRONEXUS INC.
Date: Friday, December 3, 2021, 10:00 – Friday, January 7, 2022, 17:00
Venue: Online
Lecturer: Hiroyasu Kageshima
Matters to Note in Business Operations under the Amended Personal Information Protection Act Based on the Guidelines
~ Samples of privacy policies and consent language will be distributed ~
The 2020 Amendment goes into effect on April 1, 2022. In this seminar, the lecturer explains actions that must be taken by companies based on the promulgated enforcement rules/regulations and publicized general guidelines, etc. Specifically, the lecturer explains which parts of privacy policies must be revised and what language should be used for such revision or for obtaining consent with respect to cross-border transfers or individual-related information, by referring to actual cases. The lecturer also examines the use of pseudonymyzed information in business based of specific data.
Matters to Note in Business Operations under the Amended Personal Information Protection Act Based on the Guidelines
Program
- The overall picture of the amendment and 6 points
- Strengthened rights of individuals
(1) Electronic disclosure
– What if a data subject requests the disclosure of his/her entire data?
(2) Suspension of use/deletion, etc.
– Situations where suspension of use/deletion is required
– Points with respect to responding to requests
(3) Disclosure of tracing records - Tighter regulations regarding the “use” of personal information
(1) Prohibition on inappropriate use
– What is “inappropriate use”?
(2) Specifying the purpose of use when using the information for profiling, etc.
– What changes should be made to the privacy policy? - Tighter regulations regarding information management, etc.
(1) Obligation to report leakage, etc.
– Relationship with suspension of use/deletion, etc.
(2) Clauses to be included in contracts with service providers - Tighter regulations on cross-border transfers
(1) Points with respect to transferring information based on consent
– How to explain the personal information protection legislation
(2) Points with respect to transferring information by implementing “appropriate measures”
– Points with respect to revising the provisions of the Data Transfer Agreement (DTA)
(3) Matters that need to be addressed when a transfer is not considered as “provision” (such as the use of PaaS) - Providing “individual-linked information”
– Cookies and “individual-linked information”
– Acquisition of attribute information from a public DMP and new regulations
– Language for obtaining consent - Pseudonymized information
– What is pseudonymized information?
– Related regulations
– In what situations can it be used?
– Shared use of pseudonymized information
[Sign up]
Please sign up from the following website of PRONEXUS:
https://p-support.pronexus.co.jp/SeminarDetail.aspx?sid=4911&lid=18&count=2&lec=0&page=1&key=%e5%80%8b%e4%ba%ba%e6%83%85%e5%a0%b1