Random

Data Protection

Certain types of personal data are very valuable to criminals, and can be very damaging to an individual or business if it falls into the wrong hands. As the world becomes more digital and more connected, more of this sort of data is generated and passed between various sources on a regular basis.

Government regulations and supervisory authorities aren’t just about keeping irresponsible parties in line. They also provide vital security guidance to every type of organization that handles sensitive personal, business or government information.

Data protection regulations also ensure that the end user has a transparent view of and a say in the processing of personal data. These safeguards play a significant role in everything from the preservation of civil rights to ensuring that democratic institutions function properly.

Some types of personal data are clear candidates for regulation: medical records, banking information, national ID numbers and so on. But some of these regulations also cover items that might seem relatively innocuous at first glance: home addresses, email addresses, website profile information and so on. For example, the European Union General Data Protection Regulation (GDPR) has stipulations about anything that is unique to an individual to include phone numbers and social media accounts. People have varying levels of privacy preference with these items, but they are often protected by regulation because they can be used for targeted scams and attempts at identity theft.

Given that regulations often take the size and customer count of businesses into consideration in terms of penalties and the scope of protection of personal data, compliance is particularly important for enterprise-scale organizations. You do not necessarily have to have an active business presence in a country or region; simply storing data on or moving it through servers there may subject you to their data protection rules.

Image of business executives in a boardroom representing how governance of data should be on the agenda of all board director

Data Protection Insights

Not Just an IT Issue – Why Governance of Data Should Be on the Agenda of Every Board Director

September 8, 2017

Data governance is critical today. Why should board directors engage on governance of data? What are the risks and missed opportunities of failing to do so? Read More

Hand on computer keyboard with hovering image of EU-US Privacy Shield

Data Protection News

Second Review of EU-US Privacy Shield Shows Improvements

January 15, 2019

Second annual review of the EU-U.S. Privacy Shield went better than the first, but the European Commission is still waiting on the U.S. government to nominate a permanent Ombudsperson to handle potential complaints and requests from EU citizens. Read More

EU flags waving in front of European Parliament building

Data Protection Insights

Processing Personal Data on the Basis of “Legitimate Interests” Under the GDPR

July 6, 2018

While the legitimate interests ground for processing under the GDPR can be lawfully applied in many cases, a provisional balance should be established by data controllers with more safeguards for the protection of data subjects. Read More

Young man holding up compliance icons showing how companies are not ready for new CCPA data privacy regulation

Data Protection News

Study Shows Only 12% of Companies Are Ready For New CCPA Data Privacy Regulation

November 27, 2019

Ethyca's study shows that only 12% of companies have reach an “adequate state of compliance” ahead of the new CCPA data privacy regulation becoming law on January 1, 2020. Read More

Picture of New York times square showing the requirements of data security provisions under New York SHIELD Act

Data Protection News

Welcome to New York, Its Been Waiting for You … But Is Your Business Ready for the New York SHIELD Act?

April 1, 2020

Data security provisions under New York SHIELD Act has taken effect on 21 March, what are the new requirements and how should companies prepare to be in compliance? Read More

Gavel in front of computer screen showing 51 top CEOs in U.S. pushing for new federal privacy legislation

Data Privacy Data Protection News

Top CEOs Now Pushing For Federal Privacy Legislation

September 23, 2019

51 top CEOs from companies such as Amazon, IBM, Dell and JP Morgan Chase are pushing for new federal privacy legislation to establish a stable privacy policy environment. Read More

Man touching GDPR word on virtual screen showing the costs and benefits that GDPR and CCPA compliance can bring to companies

Data Protection Insights

If You’re Reading This Now It’s (Almost) Too Late (and Other GDPR Lessons)

December 3, 2019

Companies need a pragmatic picture of the costs and benefits that GDPR and CCPA compliance represents so that they can make the best decision for their business. Read More

Beach sunrise showing how business should win trust of regulators, customers and other stakeholders when GDPR honeymoon ends

Data Protection Insights

How to Win the Trust of Regulators, Customers and Other Stakeholders When the GDPR Honeymoon Ends

May 27, 2019

Privacy regulators have said they will take seriously anything that puts the twin principles of openness and honesty into jeopardy, and with the GDPR honeymoon period set to end, trust and reputation will be central going forward. Read More

Image of checklist on a clipboard and pen representing the need to demonstrate compliance using an accountability approach

Data Protection Insights

An Accountability Approach to Demonstrating Compliance

September 21, 2016

In this final instalment of an ongoing series on the issues that affect compliance in an ever more complex world Teresa Troester-Falklooks at how organisations can demonstrate compliance using an accountability approach. Read More

Image of girl with mask and cape representing the requirement for a new type of information technology and security professional

Data Protection Insights

Is a New Type of Information Technology and Security Professional Required?

August 26, 2016

In part one of a two part series, we examine some of the challenges that companies face in terms of the evolving privacy and data protection landscape. Data protection and privacy issues are now bedrock strategic issues for companies across the world and Information Security professionals are now under even more pressure to ensure that data remains secure. The value of data as an intangible asset continues to grow and legislation and regulation is becoming ever more stringent. The onus is on companies to comply or suffer the consequences. This is going to require a whole new breed of information security professional. In part two of this series (in next month’s newsletter) we’ll look at the argument for and against a new role combining Chief Security and Privacy Officer in this rapidly evolving regulatory environment. Read More

Data Protection

Not Just an IT Issue – Why Governance of Data Should Be on the Agenda of Every Board Director

Second Review of EU-US Privacy Shield Shows Improvements

Study Shows Only 12% of Companies Are Ready For New CCPA Data Privacy Regulation

Welcome to New York, Its Been Waiting for You … But Is Your Business Ready for the New York SHIELD Act?

Top CEOs Now Pushing For Federal Privacy Legislation

Is a New Type of Information Technology and Security Professional Required?

3 Reasons Why Companies Don’t Get Rid of Passwords – But Should

Providing Your Employees With Access to the Right Resources by Integrating UEM With Existing Solutions

Apple Makes a Major Privacy Move by Allowing Users to Disable Ad Tracking and Have Greater Insight Into App Permissions

The Invisible Attackers Waiting at Your Industrial Systems Gate: Be Wary, Be Prepared, Stay Resilient