Clearly US businesses are not immune to privacy regulation in Europe. If there was any doubt, look to Google’s fine yesterday under the GDPR. The largest fine yet to be imposed is being levied against one of the most recognizable technology brands in the world….
What Happened? France’s Supervisory Authority (CNIL) has fined Google $56.8 million Euros for what the data protection watchdog believes is a violation by the multinational tech company of the EU’s General Data Protection Regulation (GDPR). How did it start? After receiving complaints based on ‘forced consent’…
On November 1st the data breach reporting requirements under Canada’s Personal Information Protection and Electronic Documents Act (PIPEDA) went into effect. US companies should be aware of these requirements and evaluate their operations to determine the applicability as well as what adjustments may be required to…
To give a little background, in March of this year, an exposé published in the Guardian and New York Times revealed that the personal data of 87 million Facebook users, 1 million of whom were UK Facebook users, was harvested from their profiles through personality quizzes…
Social Engineering is a low-tech method used for gaining access to resources whether they are physical, technical, monetary, or informational (e.g. trade secrets, confidential). Phishing is one example of Social Engineering. What is Social Engineering? Social Engineering is the art and science of getting people…
As a Certified HITRUST Assessor and career healthcare compliance and security specialist, I was very pleased to see OCR’s April Cybersecurity newsletter highlighting the differentiation between a HIPAA RISK Analysis and a HIPAA GAP Analysis. The confusion or lack of true understanding around the difference in these two…
As the GDPR enforcement date is upon us, many companies are shifting into panic mode trying to really understand not only what the GDPR means to their company operationally, but also where their true risk lies. How do they evaluate that risk? How do they…
How does the GDPR compare to IKEA? Well they’re both European for starters, and while IKEA is #trendy, GDPR is #trending. With the work I’ve done with clients utilizing our consulting services for GDPR support (which is primarily serving as liaison between the client and…
“It was the best of times it was the…” No really – it was great! What an exciting opportunity we had at CompliancePoint last week as we hosted our workshop in Atlanta, “Navigating the GDPR.” As described at the event our goal was more interactive…
HITRUST addresses challenges within Healthcare. As the most widely adopted framework within the healthcare industry, the Health Information Trust Alliance (HITRUST) was created to provide a certifiable standard for health information systems and exchanges that create, access, process, store or exchange protected health information…