New mandatory breach notification for health information in Alberta

August 31, 2018|Security Features

 On Aug. 31, Alberta will become the latest province to enact mandatory breach notification and reporting for personal health information data breaches. Alberta will join a small but growing group of provinces that includes Ontario, New Brunswick, Nova Scotia and Newfoundland, and Labrador that impose these obligations on health care providers and organizations subject to health-sector privacy legislation.

Read More

Why the Entire C-Suite is Responsible in a Data Breach

August 30, 2018|Security Features


C-suite executives and IT cyber pros not seeing eye to eye on cybersecurity is a common concern, but when crisis strikes this lack of alignment can have potentially catastrophic business-ending consequences. In fact, IBM’s 2018 Cost of a Data Breach Study found the average cost of a data breach is up 6.4 percent globally—about $3.86 million.

 While it might ruffle some feathers, the reality is that in today’s digital world, “checking the box” with cybersecurity just doesn’t cut it when it comes to protecting sensitive data, which is why the entire C-suite bears some responsibility in a data breach.

Read More

Evaluating Privacy Compliance In The Canadian Cloud

August 29, 2018|Security Features


The Personal Information Protection and Electronic Documents Act (PIPEDA) is Canada’s set of privacy laws that pertain to how commercial entities manage the collection, use, and disclosure of personal information. Equip your businesses with the information needed to bring your organization into compliance with the laws.

It is the responsibility of each business to be compliant with PIPEDA. It is crucial to conduct compliance assessments at each change in protocol, processes, or policies, and to fully understand all that is required of businesses in regard to PIPEDA. This is particularly crucial when moving to the cloud or when reviewing their cloud service agreement.

Read More

Smarter data: the sharpest weapon to fight eCommerce fraud

August 24, 2018|Security Features


It is estimated that card-not-present fraud will cost retailers $71 billion globally from 2017 - 2021.

E-commerce offers an experience that transcends the barriers of time and distance, allowing consumers to browse and purchase items via a few swipes and the click of a button. It’s no surprise then, that the last couple of years has seen a steady stream of news stories highlighting the shift away from bricks-and-mortar stores to buying and exchanging goods and services online.

Read More

The Cybersecurity Regulations Healthcare, Financial Services, and Retail Industries Must Know About

August 22, 2018|Security Features



Cyberattacks are often motivated by the desire to steal and sell sensitive data, such as credit card and financial records, personally identifiable information (PII) including social security numbers, or protected health information (PHI). Once obtained, this data can be readily sold on the dark web to be used in fraudulent transactions, or for illegal activities such as credential stuffing attacks.

Read More

Top 10 list of dark web activities that indicate a breach

August 06, 2018|Security Features


Research analysts at Terbium Labs released a list of the most common activities seen on the dark web that indicate a breach, or other unwanted incidents, has taken place.

Despite increased security budgets and better defenses, organizations are losing the battle against cyber attacks. According to the 2018 Cost of Data Breach Study: Global Overview by Ponemon Institute and IBM Security, data breaches continue to be costlier and result in more consumer records being lost or stolen, year after year .

Read More

List of data breaches and cyber attacks in July 2018 – 139,731,894 million records leaked

August 02, 2018|Security Features



Another month passes where I’m left thinking ‘I should really create a Healthcare category’. So, from next month – I’ll be doing exactly that.

There were some incredibly sensitive breaches this month, the majority of which were caused by human error. I imagine human error will continue to be the main cause of data breaches for decades to come – damn humans.

I count this month’s list of known leaked records to be 139,731,894

Read More

The California Consumer Privacy Act should be Condemned, not Celebrated

August 02, 2018|Security Features


California Consumer Privacy Act-1

For years, many privacy professionals yearned for a comprehensive U.S. privacy law. So when California enacted the California Consumer Privacy Act, a comprehensive privacy law, you’d expect the privacy community to cheer loudly. However, the celebration has been muted—for good reason. It’s impossible to cheer a terrible law that passed via a terrible procedure.

Read More

How Rogue Data Puts Organizations At Risk of GDPR Noncompliance

August 02, 2018|Security Features


The GDPR compliance deadline came in by force on 25th May 2018 and applies to all organizations processing and holding the personal information of data subjects. This includes contacts such as customers, partners and patients. Much has been written about the immense efforts of organizations to improve their data privacy procedures in order to comply with GDPR, but there is a largely undiscussed oversight lurking just under the surface which, if left unaddressed, still leaves organizations exposed to potential risks and hidden costs.

Read More