Maher Ghalloussi, Author at Global Compliance News

In Data Privacy

United Arab Emirates: Amendments to the DIFC Data Protection Law enacted

September 19, 2023 by Andrea Mezzetti, Lucrezia Lorenzini, Maher Ghalloussi and Rosanne Brennan 3 Mins Read

The law addresses for the first time the processing of personal data via autonomous and semi-autonomous systems

In Data Privacy

UAE: DIFC proposed amendments on data protection regulations

May 5, 2023 by Andrea Mezzetti, Lucrezia Lorenzini and Maher Ghalloussi 2 Mins Read

On 18 April 2023, the Dubai International Financial Centre (DIFC) launched a 30-day public consultation on the proposed amendments to the Personal Data Protection Regulations to establish additional areas of regulation that would support the strong implementation of the DIFC Data Protection Law No. 5 of 2020. The proposed amendments are aimed at enhancing the current data protection framework in the DIFC and addressing the means for better, safer and more ethical management of personal data processing and operations.

In Data Privacy

Saudi Arabia: New amendments have been introduced to the Personal Data Protection Law

April 27, 2023 by Abdulrahman AlAjlan, Zahi Y. Younes, Yousef Bugaighis, Maher Ghalloussi, Lucrezia Lorenzini and Hala Redwan 3 Mins Read

The Personal Data Protection Law of Saudi Arabia (“KSA”) was recently amended pursuant to Royal Decree No. M/148, dated 05/09/1444H (corresponding to 27 March 2023G) (“Amended PDPL”). These amendments were preceded by a public consultation launched by the Saudi Data and Artificial Intelligence Authority in late 2022.
The Amended PDPL expands the scope under which Controllers could collect personal data from third parties, and process it for purposes other than that for which it was originally collected. It also provides additional grounds for Controllers to disclose personal data, and introduces an updated regime for personal data transfers outside of KSA.

In Data Privacy

UAE: Abu Dhabi Department of Health requires licensed entities to comply with strict data localization requirements

October 7, 2022 by Kellie Blyth, Maher Ghalloussi and Lucrezia Lorenzini 4 Mins Read

On 30 June 2022, the Government of Abu Dhabi Department of Health (DoH) issued Circular No. 147 of 2022 requiring health and pharmaceutical facilities licensed by the DoH (“Licensed Entities”) to obtain a “secure” or “safe” certificate that certifies they operate in full compliance with the requirements of the Abu Dhabi Standard for Health Information Security and Cyber Security Standards (“Standards”). Licensed Entities have until the end of this year (i.e., by 31 December 2022) to complete an audit process to verify their self-certification with the Standards.
The Circular also states that Licensed Entities are urged to apply stricter cybersecurity controls, including to ensure health data is not transmitted outside of the UAE and to discontinue the use of any cloud-based services that store or utilize health data, irrespective of whether that solution is hosted within or outside the UAE.