Governance Archives

The Role of a Data Protection Officer

September 22, 2020
Max Totsky
Data Protection, DPO, GDPR, Governance, Hiring
0 Comments

Privacy regulations such as the EU’s General Data Protection Regulation (GDPR) and, more recently, Dubai’s Data Processing Law (DPL 2020) make it mandatory for organizations to appoint a Data Protection Officer (DPO). Under GDPR, a DPO is required for any…

Building a Governance Department: A Guide

August 18, 2020
Max Totsky
Data Mapping and Inventory, Data Privacy, Governance, Hiring

Editor’s Note: This is the second article in a series geared toward small and medium-sized enterprises that are building dedicated governance teams to deal with emerging data privacy laws like GDPR and CCPA. For the many organizations that have begun to grapple with the reality of data privacy laws–the challenge of compliance can seem insurmountable.…

To access this post, you must purchase Student, Government or Professional.

Breaking Down the EasyJet Hack

June 9, 2020
Max Totsky
Breach prevention, Breach response, Data Protection, GDPR, Governance

Earlier this month, European budget airline EasyJet was hacked. In a “highly sophisticated attack,” 9 million customers had personal information, including email addresses and travel itineraries, compromised. And 2,208 customers had their credit card information stolen. The attack has left many customers “in limbo”, with many questioning how a company that claimed to comply with…

To access this post, you must purchase Student, Government or Professional.

How to Build a RACI Matrix

June 8, 2020
Max Totsky
Governance, Members Only, Project Management, RACI

Every member of an institution–from board member to secretary–is responsible for playing a part in data privacy and cybersecurity. The caveat to this rule is that no two roles should have the same level of responsibility, and institutions which fail to properly assign duties risk inefficiencies at best, and compliance-related fines at worst. There are…

To access this post, you must purchase Student, Government or Professional.

Advisory Board Member Jody Westby: Coronavirus Response Requires D&O Review

Editors Note: This article was written by Advisory Board Member, Jody Westby, for LeadersEdge, the content platform of The Council of Insurance Agents & Brokers. As most organizations and governments closed their offices and ordered employees to work from home…

Cybersecurity: Executives Throughout the Organization Must Be Involved

February 18, 2020
Carlos Solari
Compliance, Cybersecurity, Governance, Resilience
0 Comments

We live in a world where cybersecurity breaches have become everyday occurrences. The headlines generally describe the same scenario, played out again and again. Bad actors find a backdoor, companies and government agencies are blindsided, consumer data is compromised. The…

No Exemptions: Banks Need to Comply With the CCPA and the GLBA

Many financial organizations are under the impression that they are not required to comply with the California Consumer Privacy Act (CCPA) because their data privacy practices are already regulated by several state and local laws, including the California Financial Information Privacy Act (CalFIPA), the Fair Credit Reporting Act (FCRA), and the Gramm-Leach Bliley Act (GLBA)…

To access this post, you must purchase Student, Government or Professional.