Data privacy insights and commentary by Rebecca Herold
Why is there always some information security or privacy pros who insist on proclaiming that user awareness and training is a waste of time and money?
In the past few months the amount of talk, advice, debates, and claims about the EU GDPR which goes into effect May 25, has escalated to a fever pitch. And there is the rub. Most organizations do not know really know or understand what “personal data,” the GDPR term, is as it applies to their organization.
7 notified Sears, Best Buy, Delta, and other clients using their platform, about a data breach six months after the breach occurred. What should service providers and organizations that contract these third parties be doing better to protect their customers' privacy and personal data?
Do we need to protect the privacy of the deceased? Let’s look at the two kingpins of privacy regulation mentioned earlier – HIPAA and GDPR. We then take a brief view at a few of the literally hundreds of other personal information protection laws with regard to if and how they relate to the protection of the deceased.
Individuals, business leaders, and all other types of organization leaders need to improve their ransomware protections to protect their personal data, preserve privacy, and maintain access to their other data. What are some of the simple steps to avoid being a ransomware victim?
While so much has changed in technology and addressing privacy, it is important to never forget the lessons of the past. The basic categories of privacy risks are still the same and the general concepts for mitigating those risks are also pretty much the same as they were decades ago.