EU Releases Draft Decision on UK Data Privacy Standards

Since the start of 2021, post-Brexit data relationships between the European Union and the United Kingdom have been governed by the EU-UK Trade and Cooperation Agreement, which established a 4-6 month temporary period where data could flow freely between the two jurisdictions. Beyond that, the future was unclear. The grace period could have been extended…

Why Your Organization Should Implement “Privacy by Design”

Privacy by Design (PBD), the idea that organizations should design every part of their operation with data privacy in mind, was popularized by the European Union’s General Data Privacy Regulation (GDPR). Any products or services that call for the processing of personal data should account for privacy from their inception and every stage of development…

2020 News in Review

Week Ending December 28

ICO Warns SolarWinds Victims to Report Breaches

The United Kingdom’s Information Commissioner’s Office (ICO) has issued a warning to organizations compromised by the SolarWinds breach. The breach, which was carried out by Russian hackers, affected more than 18000 organizations worldwide. ICO requires UK data controllers subject to NIS regulations to report…

Canada Proposes New Data Privacy Legislation

It’s been a busy year for privacy legislation. California voted to expand the scope of personal information, the EU put limits on data transfers to the United States, and Brazil unveiled a law that, among other things, calls for companies to hire a Data Protection Officer.  Since 2000, data privacy in Canada’s private sector has…

Why Your Organization Needs a Compliance Framework

With every new piece of data privacy legislation, more and more companies are scrambling to prioritize their customers’ privacy.  That means making sure the entire organization is on the same page when it comes to cybersecurity. One way to do that is by implementing a compliance framework–a standardized set of best practices that help an organization…

The Role of a Data Protection Officer

Privacy regulations such as the EU’s General Data Protection Regulation (GDPR) and, more recently, Dubai’s Data Processing Law (DPL 2020) make it mandatory for organizations to appoint a Data Protection Officer (DPO). Under GDPR, a DPO is required for any organization that consistently monitors EU-based data subjects on a large scale. This might exclude smaller…

Building a Governance Department: A Guide

Editor’s Note: This is the second article in a series geared toward small and medium-sized enterprises that are building dedicated governance teams to deal with emerging data privacy laws like GDPR and CCPA. For the many organizations that have begun to grapple with the reality of data privacy laws, the challenge of compliance can seem insurmountable.…

Breaking Down the EasyJet Hack

Earlier this month, European budget airline EasyJet was hacked. In a “highly sophisticated attack,” 9 million customers had personal information, including email addresses and travel itineraries, compromised. And 2,208 customers had their credit card information stolen. The attack has left many customers “in limbo”, with many questioning how a company that claimed to comply with…

How to Build a RACI Matrix

Every member of an institution–from board member to secretary–is responsible for playing a part in data privacy and cybersecurity. The caveat to this rule is that no two roles should have the same level of responsibility, and institutions which fail to properly assign duties risk inefficiencies at best, and compliance-related fines at worst. There are…