Ë

The EU-US Privacy Shield offered US businesses an opportunity to meet GDPR requirements prior to enforcement actions, yet the US government continued to neglect data privacy, positioning the EU Parliament to force a unified data protection standard by suspending the Privacy Shield

Read More

The GDPR compliance deadline came in by force on 25th May 2018 and applies to all organizations processing and holding the personal information of data subjects. This includes contacts such as customers, partners and patients.

Read More

Achieving compliance with GDPR, PIPEDA, or PCI is like reaching a destination, but of the three, only PCI includes a roadmap that leads directly to formal compliance through a linear, finite, and predictable process.

Read More

Being alert to how our data is being used and asking why it’s being gathered in the first place equips us with the skills we need to protect our digital DNA.

Read More

A full month has passed since the EU General Data Protection Regulation went into effect May 25, and the GDPR has already had a wide-ranging global impact, with multiple U.S.-based news sites, such as the Los Angeles Times, restricting access to EU users and complaints reportedly coming in regarding the practices of big tech companies.

Read More

The arrival of the digital age means that the way people understand and interact with data is changing rapidly. The GDPR can help to clarify individual rights in the digital age, as well as creating a “digital single market” within the EU

Read More

Any Canadian business that collects personal information about residents of the European Union — whether they’re tourists, students or online customers — risks maximum fines of $30 million or more if they violate a sweeping new EU privacy law

Read More

Put simply, now that GDPR has arrived it isn't the end -- it's a new era of data privacy wherein organisations will have to constantly reevaluate data security and the consequences for failures. The GDPR journey is just beginning.

Read More

In truth, this should be called Data Discovery & Asset Management, because there’s absolutely no point having one without the other. Nor should these things not already be part of your standard practices.

Read More

Roughly half the blogs I’ve written in the last 6 months have been about the GDPR or privacy in general. I could take this as a good sign in that it beats hands-down writing about PCI

Read More