Data Matters

SEPTEMBER 6, 2022

Privacy never sleeps in California. In recent days and as California’s legislative session comes to a close, there have been a number of significant legislative and regulatory developments in the state, each of which will likely (again) change the privacy landscape in California and, by extension, the rest of the country.

Privacy 197

Privacy B2B Sales Compliance 197

Hunton Privacy

OCTOBER 27, 2023

On October 17, 2023, the Office of the Privacy Commissioner of Canada (“OPC”) announced the release of two companion documents that provide further guidance on protecting the privacy of young people.

Privacy 72

Privacy Access IT Information Security 72

Schneier on Security

APRIL 3, 2024

The lawsuit has been settled : Google has agreed to delete “billions of data records” the company collected while users browsed the web using Incognito mode, according to documents filed in federal court in San Francisco on Monday. I was an expert witness for the prosecution (that’s the class, against Google).

Data collection 105

Data collection Privacy IT 105

Hunton Privacy

FEBRUARY 29, 2024

Finally, the investigation indicated that GRBH violated the HIPAA Privacy Rule by failing to meet the requirement not to use or disclose PHI except as permitted by the Rule. Distribute policies and procedures to the workforce and collect compliance certifications from all members. Investigate all likely policy violations.

Ransomware 111

Ransomware Personal data Risk Privacy 111

Data Protection Report

FEBRUARY 16, 2023

1] While the BYOD approach may offer certain advantages, such as greater flexibility and cost savings, employers should be mindful of the cybersecurity and privacy risks when leaving employees to their own devices. The contents and scope of this policy are discussed in our previous article here.

Privacy 125

Privacy Cybersecurity Risk Digital transformation 125

Hunton Privacy

FEBRUARY 23, 2022

The Texas AG’s investigation focuses on TikTok’s alleged violations of children’s privacy and facilitation of human trafficking, along with other potential unlawful conduct. On February 18, 2022, the Texas Attorney General’s Office (the “Texas AG”) announced that it had issued two Civil Investigative Demands (“CIDs”) to TikTok Inc.

Privacy 102

Privacy IT 102

eSecurity Planet

JANUARY 5, 2024

A firewall policy is a set of rules and standards designed to control network traffic between an organization’s internal network and the internet. Featured Partners: Next-Gen Firewall (NGFW) Software Learn more Table of Contents Toggle Free Firewall Policy Template What Are the Components of Firewall Policies?

Compliance 88

Compliance Access Communications Cybersecurity 88

Adam Shostack

DECEMBER 11, 2019

In closely related news, nominations for the 2020 Caspar Bowden Award for Outstanding Research in Privacy Enhancing Technologies are open. The Identity Project has extensive documentation , and I generally concur with their recommendations.

Encryption 40

Encryption Privacy Risk Government 40

Krebs on Security

JANUARY 7, 2021

The ongoing breach affecting thousands of organizations that relied on backdoored products by network software firm SolarWinds may have jeopardized the privacy of countless sealed court documents on file with the U.S. These sealed documents will not be uploaded to CM/ECF.

Computer and Electronics 363

Computer and Electronics Access Communications Paper 363

Data Protection Report

OCTOBER 24, 2022

Privacy and cybersecurity practices of target companies are being increasingly scrutinized throughout the due diligence process in M&A transactions. Where the company does not have timely policies and related training in place, or conduct regular third- party testing (e.g.

Privacy 123

Privacy Cybersecurity Compliance Risk 123

IBM Big Data Hub

APRIL 24, 2024

These are just some examples of how organizations support data privacy , the principle that people should have control of their personal data, including who can see it, who can collect it, and how it can be used. One cannot overstate the importance of data privacy for businesses today.

Data Privacy 87

Data Privacy Privacy GDPR Personal data 87

Data Matters

OCTOBER 21, 2022

On October 4, 2022, the White House Office of Science and Technology Policy published The Blueprint for an AI Bill of Rights: Making Automated Systems Work for the American People (the “AI Blueprint”). Data privacy is at the center of the framework. by providing them with the opportunity to engage with a human).

Privacy 88

Privacy Data Privacy Education Government 88

Data Protection Report

APRIL 30, 2024

The order also requires that the company destroy personal data for which it had not received consent and to create a document retention and destruction policy. Its privacy policy stated that the company would treat the data confidentially, and the company would not share data without user consent.

Personal data 85

Personal data Privacy Information governance Compliance 85

Archive Document Data Storage

MARCH 28, 2018

Do you have a plan for managing and protecting your documents? A document retention policy establishes what documents to keep, how long to store them, and when they should be destroyed. Here are the top reasons your organisation needs a document retention policy: . Privacy Protection. Cost Savings.

Archiving 40

Archiving GDPR Compliance Privacy 40

Security Affairs

JANUARY 29, 2024

released documents that confirmed the National Security Agency (NSA) buys Americans’ internet browsing records without a court order. Metadata on browsing activity, which includes information about the websites visited, timestamps, and duration of visits, can be abused for surveillance in several ways, privacy advocated warn.

Metadata 117

Metadata Sales Personal data Privacy 117

Krebs on Security

JUNE 18, 2021

NYSE:FAF ] was leaking more than 800 million documents — many containing sensitive financial data — related to real estate transactions dating back 16 years. If you bought or sold a property in the last two decades or so, chances are decent that you also gave loads of personal and financial documents to First American.

Insurance 280

Insurance Risk Financial Services Mining 280

Schneier on Security

AUGUST 2, 2023

In an email newsletter, Melissa Hathaway wrote: Now that the rule is final, companies have approximately six months to one year to document and operationalize the policies and procedures for the identification and management of cybersecurity (information security/privacy) risks. News article.

Cybersecurity 84

Cybersecurity Risk Privacy Information Security 84

Data Protection Report

NOVEMBER 28, 2023

To help provide some guidance, Norton Rose Fulbright Canada hosted its 2023 technology, privacy and cybersecurity virtual summit. Our leading lawyers were joined by prominent industry leaders to discuss and explore the latest developments, challenges and opportunities in the technology, privacy, and cybersecurity landscape.

Cybersecurity 136

Cybersecurity Risk Artificial Intelligence Privacy 136

Armstrong Archives

FEBRUARY 28, 2019

Improperly stored documents can create a number of serious obstacles for any company. Unfortunately, some businesses regard document management as an afterthought. Our document storage and management services enable your company to ensure it is complying with all state and federal regulations. Follow State Regulations.

Archiving 40

Archiving Records Management Paper Privacy 40

ARMA International

AUGUST 7, 2023

These include artificial intelligence (AI), hybrid and remote work collaboration, cloud, workflow automation and customization, mail processing and digitization, and security and data privacy. And this means establishing clear user policies and being mindful of the risks and benefits associated with these AI tools.

Artificial Intelligence 52

Artificial Intelligence Cloud Data Privacy Privacy 52

IT Governance

FEBRUARY 16, 2024

He’s also an award-winning author, and has been involved in developing a wide range of information security and data privacy training courses, has consulted for clients across the globe, and is a regular media commentator and speaker. We sat down to chat to him about industry challenges in 2024.

Data Privacy 117

Data Privacy GDPR Compliance Privacy 117

ARMA International

JUNE 19, 2023

Records managers, compliance, finance, information technology, legal, and privacy departments are all concerned with the proper management of information. How Records Managers Provide Easy-to-Use Tools The records retention schedule and supporting policies are the primary tools of the records manager.

Records Management 97

Records Management Compliance Privacy IT 97

The Last Watchdog

JANUARY 27, 2022

Lack of documented evidence. Besides asking for more detailed documentation on past incidents and known system vulnerabilities, you should implement a zero trust security framework with an Identity & Access Management (IAM) solution. The transition process needs to account for: •Data privacy, ownership, and governance.

Privacy 265

Privacy Security Risk Marketing 265

The Last Watchdog

JUNE 21, 2023

June 21, 2023 – NowSecure, the recognized experts in mobile security and privacy, announced today that it has completed its latest annual SOC 2 Type 2 security audit – the industry benchmark for independent auditing of security controls for software vendors. Chicago, Ill.,

Privacy 100

Privacy Risk Government Compliance 100

Armstrong Archives

MAY 30, 2019

To avoid complications and streamline business operations, companies must come up with a number of different policies including a strategy for document storage. This plan should address a number of key issues including what documents will be retained, how long the documents will be held, and where and how the documents will be stored.

Archiving 40

Archiving Privacy Compliance Records Management 40

Data Matters

JANUARY 27, 2020

On January 22, 2020, the Court of Justice of the European Union (CJEU) found that there is not a general presumption of confidentiality over documents containing clinical and preclinical data provided to the European Medicines Agency (EMA) to support a marketing authorization application. Background. Judgment and implications.

Marketing 68

Marketing Healthcare Access Privacy 68

eSecurity Planet

APRIL 30, 2024

Firewall architecture design and environment: Finalize your architecture, harden configurations, identify location and dependencies, and define policy rules. 8 Steps to Set Up a Firewall To set up a firewall, configure the tool by creating rules, network zones, and policies. Sample network zones configuration from Palo Alto 4.

Compliance 62

Compliance Risk Access Security 62

Data Matters

SEPTEMBER 23, 2021

As an overarching law in China with respect to data privacy, PIPL shares many similarities with the EU General Data Protection Regulation (GDPR). If a company has already been GDPR compliant, its data privacy compliance system can basically work in China, while certain localizations are necessary in response to unique requirements under PIPL.

Data Privacy 97

Data Privacy Compliance Privacy Personal data 97

Krebs on Security

DECEMBER 6, 2023

ICANN made the policy change in response to the General Data Protection Regulation (GDPR), a law enacted by the European Parliament that requires companies to gain affirmative consent for any personal information they collect on people within the European Union.

Phishing 229

Phishing GDPR Personal data Communications 229

The Last Watchdog

MARCH 8, 2021

Like a couple of WWE arch rivals, Apple’s Tim Cook and Facebook’s Mark Zuckerberg have squared off against each other in a donnybrook over consumer privacy. Cook initially body slammed Zuckerberg — when Apple issued new privacy policies aimed at giving U.S. Related: Raising kids who care about their privacy.

Privacy 196

Privacy Personal data Manufacturing Data Privacy 196

AIIM

OCTOBER 27, 2020

There have been some interesting developments in the world of E-Discovery tied to many of the same privacy protection laws and regulations changing the game in records and information management. EU Courts Invalidate Privacy Shield. There are several ways to overcome data privacy restrictions and enable cross-border transfers.

e-Discovery 191

e-Discovery Personal data Privacy GDPR 191

eSecurity Planet

FEBRUARY 21, 2024

A firewall audit is a thorough procedure that requires your IT and security teams to look closely at your firewall documentation and change management processes. Your team may want to use a specific software to track the list of objectives and steps, or you may just use a Google or Word document and share it with relevant stakeholders.

Compliance 105

Compliance Risk Access Sales 105

Hunton Privacy

MAY 25, 2021

In December 2017, OCR began a compliance review of Peachstate to determine the company’s compliance with the HIPAA Privacy and Security Rules. According to Acting OCR Director Robinsue Frohboese, “Clinical laboratories, like other covered health care providers, must comply with the HIPAA Security Rule.

Security 102

Security Compliance Risk Privacy 102

The Last Watchdog

JANUARY 17, 2022

If targets such as defect density or compliance to scanner policy (i.e. Minimum adherence to security requirements policy, based on an application’s inherent risk profile, can lead to reduction in risk vulnerabilities. Another problem is organizations creating their own requirements in documents or home-grown tools.

Sales 240

Sales Compliance B2B Risk 240

eDiscovery Daily

JANUARY 10, 2024

This integration will enable more precise identification of key documents and information, giving practitioners a clearer understanding of the case early on and influencing the speed to litigation, settlement, or other strategic decisions. Blockchain technology can add security to data, but it will also raise privacy concerns.

Blockchain 73

Blockchain Artificial Intelligence Cloud Compliance 73

Hunton Privacy

FEBRUARY 2, 2022

On January 28, 2022, in celebration of Data Privacy Day, the Colorado Attorney General’s Office issued prepared remarks from Colorado Attorney General Phil Weiser and published guidance on data security best practices. Regularly reviewing and updating security policies.

Privacy 102

Privacy Security Data breaches Ransomware 102

erwin

SEPTEMBER 10, 2020

Not Documenting End-to-End Data Lineage Is Risky Busines – Understanding your data’s origins is key to successful data governance. And, for a lot of organizations, they’ve relied mostly on manual processes – if data lineage documentation has been attempted at all. Policy Bloat and Unruly Rules. You need real collaboration.

Digital transformation 131

Digital transformation Metadata Government Compliance 131