One of my clients recently asked me what organizations should expect for information security and privacy in 2019. My short answer: More! Here is what to expect in five key areas in 2019, and beyond.
Blogs
Blogs by industry experts
Throughout the past couple of decades, I have identified a dozen reasons why data privacy protection brings many business values, and should not be brushed aside or minimized in importance.
Too many organizations either provide for no security and privacy training and awareness or take a completely inadequate or ineffective (bad) approach. Effective regular training and ongoing awareness can provide tremendous return on significantly better security and privacy practices.
B.J. Mendelson discusses the Facebook antics, GDPR, and what people can do to protect their privacy now and moving into the future in his presentation at the campus of George Mason University in Virginia.
Why is there always some information security or privacy pros who insist on proclaiming that user awareness and training is a waste of time and money?
With high-profile scandals and the seemingly daily buzz of breaches, scams and exploits, it’s more and more obvious that the data points that make up your online profiles are a hot commodity. Time for the citizenry to take back their personal data and bring back responsibility into the ecosystem.
In the past few months the amount of talk, advice, debates, and claims about the EU GDPR which goes into effect May 25, has escalated to a fever pitch. And there is the rub. Most organizations do not know really know or understand what “personal data,” the GDPR term, is as it applies to their organization.
Corporations and governments have access to more of your personal information than ever. Just existing in the digital world leaves a footprint that can be used to track and market to you with, and more commonly, without your permission. But all is not lost in the fight for personal privacy.
[24]7 notified Sears, Best Buy, Delta, and other clients using their platform, about a data breach six months after the breach occurred. What should service providers and organizations that contract these third parties be doing better to protect their customers' privacy and personal data?
Do we need to protect the privacy of the deceased? Let’s look at the two kingpins of privacy regulation mentioned earlier – HIPAA and GDPR. We then take a brief view at a few of the literally hundreds of other personal information protection laws with regard to if and how they relate to the protection of the deceased.
