Is GDPR Compliance Tougher Than HIPAA Compliance?

Data Breach Today

Analysts: GDPR Case in Portugal Offers Lessons for U.S. Healthcare Entities. An EU General Data Protection Regulation enforcement action against a hospital in Portugal demonstrates complying with GDPR may be even tougher than complying with HIPAA.

WORM Compliance at Work


Where WORM compliance is critical, companies naturally prefer WORM media so that data can live and remain available for many years without risk to its integrity. WORM compliance is the industry’s best investment in the health and accessibility of its most precious information resources. Vendors create WORM-compliant storage technologies (Write-Once, Read-Many) so that organizations can write (save) data to the media indefinitely.

GDPR Compliance: The Role of Vendor Risk Management

Data Breach Today

Attorney Steven Teppler on Holding Vendors Accountable. Why is ramping up vendor risk management such a critical component of compliance with the EU's General Data Protection Regulation?

GDPR Compliance: Common Misconceptions

Data Breach Today

Attorney Elizabeth Harding clears up confusion about certain provisions of the EU's General Data Protection Regulation, including the issue of when organizations need to obtain a European consumer's consent to process their data

COPPA Compliance

Schneier on Security

Interesting research: "'Won't Somebody Think of the Children?' Examining COPPA Compliance at Scale": Abstract: We present a scalable dynamic analysis framework that allows for the automatic evaluation of the privacy behaviors of Android apps.

Facebook's Zuckerberg Pledges Worldwide GDPR Compliance

Data Breach Today

Second Congressional Hearing Probes Privacy Issues. At a U.S. House hearing Wednesday, Facebook CEO Mark Zuckerberg said the company would eventually comply worldwide with the European Union's tough privacy law, the General Data Protection Regulation

Why data privacy professionals need a new approach to compliance

Information Management Resources

There are common requirements that span several of the new privacy laws and data protection regulations. By embracing them, you will be better prepared to help your organization become compliant.

Web Archiving for FINRA Compliance

Hanzo Learning Center

But haphazardly taking screenshots or downloading social media content through application program interfaces (APIs) won’t meet your compliance goals. Do your web archives have integrity?

Simplify and accelerate your compliance projects

IT Governance

Anyone who is working on a compliance project, whether for the EU GDPR (General Data Protection Regulation) or ISO 27001 certification, will understand how time-consuming, complex and lengthy the process can be. Compliance Manager.

How organizations can best demonstrate GDPR compliance

Information Management Resources

The GDPR doesn’t provide guidance on how to meet its requirements. This was to make it future-proof, as best practices are likely to change over time. But without explicit guidance, many organizations have been stumped.

GDPR Compliance for US Healthcare: What You Need to Know

Data Breach Today

Strict HIPAA compliance is a great preparation for compliance with the European Union's General Data Protection Regulation, which will be enforced starting May 25, according to attorneys Robert Stankey and Adam Greene, who provide compliance insights in an in-depth interview

6 steps to implement a successful data compliance strategy

Information Management Resources

When it comes to data governance, professionals cannot merely assume what they did in 2018 will be sufficient moving forward. Here are six tips for managing and governing data in 2019.

Compliance worries is number one driver of data management initiatives

Information Management Resources

With the implementation of the General Data Protection Regulation and some U.S. states initiating privacy regulations, organizations are under tremendous pressure to establish and maintain compliance.

GDPR compliance checklist for healthcare

IT Governance

With the GDPR enforcement date less than a week away, HCPs should have identified a compliance plan in line with this guidance, which highlights how they will enact the Regulation and by when. Compliance will be mandatory for any organisation that processes EU residents’ personal data.

Compliance Meets Social APIs

Hanzo Learning Center

The Surprising Irony at the Intersection of Compliance and Social APIs.

How you can demonstrate GDPR compliance

IT Governance

This is because the Regulation requires organisations to demonstrate their compliance. Accountability: the key to compliance. The need to document compliance shouldn’t be new to you. Get help demonstrating your compliance.

Securing Containers for GDPR Compliance

Thales Data Security

No matter where your organization is located, if it processes or controls the personal data of EU residents, it must be in compliance with GDPR, or it will be liable to significant fines and the requirement to inform affected parties of data breaches.

Procrastinators' Guide to GDPR Compliance

Data Breach Today

Organizations Are Not as Ready as They Might Believe. If you're paying attention, you've probably already seen a handful of GDPR-related headlines just today, let alone in the last week or month. But there are two good reasons for the deluge of GDPR discussion right now: It's incredibly important and the time to act is now

Vendor compliance management is more than just a compliance manual

OpenText Information Management

In the retail sector, vendor compliance programs exist to reduce the time and effort it takes to get the product to customers. To help reduce “time to customer”, retailers publish vendor compliance manuals with standards and expectations for doing business with them. Note – if you do a web search for “vendor compliance manual” you can … The post Vendor compliance management is more than just a compliance manual appeared first on OpenText Blogs.

How the ICO measures GDPR compliance

IT Governance

The ICO is almost certainly going to treat the failure to report the incident as a sign that there are further areas of non-compliance. This often begins with a compliance audit, which the ICO uses to set short-term compliance goals that the organisation is expected to meet.

Managing Security in Today's Compliance and Regulatory Environment

Dark Reading

Instead of losing sight of the cybersecurity forest as we navigate the compliance trees, consolidate and simplify regulatory compliance efforts to keep your eyes on the security prize

Where to start with GDPR compliance

IT Governance

The first few steps of your EU General Data Protection Regulation (GDPR) compliance project can be the most confusing. GDPR compliance is not a choice, nor is it just a matter of ticking a few boxes. The Regulation demands that you are able to demonstrate compliance.

Compliance-driven Work Stress

Hanzo Learning Center

Everywhere you turn these days in the compliance world, someone is talking about work stress. We are all over-worked! We're all too stressed! The sky is indeed falling!

CISO Thom Langford's Top Tips for GDPR Compliance

Data Breach Today

Email archives often overlooked in GDPR compliance efforts

Information Management Resources

Whether it’s from customers, partners or colleagues, organizations collect hundreds, if not thousands, of emails that contain personal information every day.

Compliance incentives


“CFPB Decides Not to Fine Citi on Overcharges,” The Wall Street Journal, June 30, 2018 B12. Company failed to lower credit card interest rates for some customers when it should have. It will refund the overcharges and fix its practices, but won’t pay a fine. Citi self-reported, and proposed full restitution.

Poll Shows GDPR Compliance Lacking

Adam Levin

Only 34.5% of the approximately 500 professionals responsible for compliance with the European Union (EU) General Data Protection Regulation (GDPR) report maintaining practices that are in keeping with the regulation, according to a recent Deloitte poll.

HIPAA Compliance Changes and How to Adjust


While HIPAA compliance was not completely ignored in this case, there was a failure to conduct an accurate and thorough risk analysis of potential vulnerabilities according to HIPAA. This is why it is vital for healthcare organizations to examine any potential HIPAA compliance changes, and ensure that all employees are trained and aware of these changes. However, organizations must enhance their compliance procedures. They can do this by addressing HIPAA compliance.

Turn regulatory compliance into competitive advantage

OpenText Information Management

However, there was one particular article that caught my … The post Turn regulatory compliance into competitive advantage appeared first on OpenText Blogs.

Governance and Compliance Processes Ripe for AI Automation


In The State of Intelligent Information Management: Getting Ahead of the Digital Transformation Curve and in GDPR after the Deadline: Progress, But a Long Way to Go, AIIM began an examination of one of the four key IIM practice areas — Automating Compliance and Governance.

Understanding PCI compliance auditing

IT Governance

Businesses of all sizes must undergo Payment Card Industry Data Security Standard (PCI DSS) compliance audits to ensure that their customers’ data is protected during credit or debit card transactions and while stored.

Data discovery: the first step to GDPR compliance

OpenText Information Management

We’re now less than five months away from the required compliance date of the EU General Data Protection Regulation (GDPR). Organizations that have EU residents as customers, suppliers or partners are required to be in compliance by May 2018.

How to Improve Governance, Risk and Compliance

eSecurity Planet

VIDEO: Alissa Johnson, CISO at Xerox and former Deputy CIO at the White House, outlines compliance steps that could help all enterprises

Bringing Compliance into the SecDevOps Process

Dark Reading

Application security should be guided by its responsibility to maintain the confidentiality, integrity, and availability of systems and data. But often, compliance clouds the picture.

Compliance concerns shouldn't drive data security strategies

Information Management Resources

Compliance concerns certainly have their place in today’s enterprise, however, they should not be viewed as interchangeable with security best practices.

PCI DSS compliance made easier

IT Governance

Complying with the PCI DSS can seem onerous, and compliance requirements depend on the type and volume of transactions your organisation undertakes, which is why we’ve produced a new infographic to help you better understand the process.

Using GDPR compliance to excel at customer-centric data management

Information Management Resources

The new regulation will inspire processes and programs that safeguard personal information and will become a differentiator for many firms.

GDPR compliance: why you should consider BS 10012 certification

IT Governance

The 2017 version has been specifically designed to help organisations implement processes, policies and controls for GDPR compliance. Is conformance to BS 10012 sufficient for overall GDPR compliance?

GDPR compliance: why you should consider BS 10012 certification

IT Governance

The 2018 version has been specifically designed to help organisations implement processes, policies and controls for GDPR compliance. Is conformance to BS 10012 sufficient for overall GDPR compliance?

Essential guidance on achieving and prioritising GDPR compliance

IT Governance

As the 25 May 2018 deadline for EU General Data Protection Regulation (GDPR) compliance draws near, it is becoming clear that the vast majority of UK businesses will not be ready. Preparing for the GDPR – a compliance checklist. The ability to prove compliance is critical.