On Aug. 31, Alberta will become the latest province to enact mandatory breach notification and reporting for personal health information data breaches. Alberta will join a small but growing group of provinces that includes Ontario, New Brunswick, Nova Scotia and Newfoundland, and Labrador that impose these obligations on health care providers and organizations subject to health-sector privacy legislation.Read More
C-suite executives and IT cyber pros not seeing eye to eye on cybersecurity is a common concern, but when crisis strikes this lack of alignment can have potentially catastrophic business-ending consequences. In fact, IBM’s 2018 “Cost of a Data Breach Study” found the average cost of a data breach is up 6.4
While it might ruffle some feathers, the reality is that in today’s digital world, “checking the box” with cybersecurity just doesn’t cut it when it comes to protecting sensitive data, which is why the entire C-suite bears some responsibility in a data breach.Read More
The Personal Information Protection and Electronic Documents Act (PIPEDA) is Canada’s set of privacy laws that pertain to how commercial entities manage the collection, use, and disclosure of personal information. Equip your businesses with the information needed to bring your organization into compliance with the laws.
It is the responsibility of each business to be compliant with PIPEDA. It is crucial to conduct compliance assessments at each change in protocol, processes, or policies, and to fully understand all that is required of businesses in regard to PIPEDA. This is particularly crucial when moving to the cloud or when reviewing their cloud service agreement.Read More
It is estimated that card-not-present fraud will cost retailers $71 billion globally from 2017 - 2021.
E-commerce offers an experience that transcends the barriers of time and distance, allowing consumers to browse and purchase items via a few swipes and the click of a button. It’s no surprise then, that the last couple of years has seen a steady stream of news stories highlighting the shift away from bricks-and-mortar stores to buying and exchanging goods and services online.Read More
Research analysts at Terbium Labs released a list of the most common activities seen on the dark web that indicate a breach, or other unwanted incidents, has taken place.
Despite increased security budgets and better defenses, organizations are losing the battle against cyber attacks. According to the 2018 Cost of Data Breach Study: Global Overview by Ponemon Institute and IBM Security, data breaches continue to be costlier and result in more consumer records being lost or stolen, year after year
Another month passes where I’m left thinking ‘I should really create a Healthcare category’. So, from next month – I’ll be doing exactly that.
There were some incredibly sensitive breaches this month, the majority of which were caused by human error. I imagine human error will continue to be the main cause of data breaches for decades to come – damn humans.
I count this month’s list of known leaked records to be 139,731,894Read More
For years, many privacy professionals yearned for a comprehensive U.S. privacy law. So when California enacted the California Consumer Privacy Act, a comprehensive privacy law, you’d expect the privacy community to cheer loudly. However, the celebration has been muted—for good reason. It’s impossible to cheer a terrible law that passed via a terrible procedure.
The GDPR compliance deadline came in by force on 25th May 2018 and applies to all organizations processing and holding the personal information of data subjects. This includes contacts such as customers, partners and patients. Much has been written about the immense efforts of organizations to improve their data privacy procedures in order to comply with GDPR, but there is a largely undiscussed oversight lurking just under the surface which, if left unaddressed, still leaves organizations exposed to potential risks and hidden costs.Read More