Data is the most important asset that healthcare has and it must be protected by all covered entities, business associates, and other third-party vendors.

When Marriott International acquired Starwood in 2016 for $13.6 billion, neither company was aware of a cyber-attack on Starwood’s reservation system that dated back to 2014.

As the Facebooks and Googles of the world continue to illustrate, companies rarely protect your privacy for you. Instead, they often do the opposite, selling your data to third-parties. And even seemingly harmless data can still tell data buyers a lot about you. 

One of the defining moments for tech in 2018 was on May 25, when the EU implemented its General Data Protection Regulation — the ominous GDPR.

The Office of the Privacy Commissioner will begin to apply these guidelines on January 1, 2019. The release of these guidelines is part of the Office’s work to improve the current consent model under the Personal Information Protection and Electronic Documents Act (PIPEDA)

Despite the frequency of data breaches and their accompanying publicity, not many people actually understand the key concepts concerned with data storage, such as the difference between data privacy and data protection.

The experts I spoke with also saw concepts in the GDPR that were naturally complimentary to PIPEDA. Concepts like “accountability” and “privacy by design” could, and perhaps, should be given prominence in legislative amendments to PIPEDA.

The EU-US Privacy Shield offered US businesses an opportunity to meet GDPR requirements prior to enforcement actions, yet the US government continued to neglect data privacy, positioning the EU Parliament to force a unified data protection standard by suspending the Privacy Shield

79% of businesses are failing to put customer experience first, due to poor data quality,

While not everyone is a security expert, everyone can be security savvy enough if, and ONLY if, what they are supposed to do is written down!