GDPR Fundamentals: Data Protection Officers

by Mark Hinely / April 5, 2023

Most organizations who are required to comply with GDPR will have a Data Protection Officer (DPO). The requirement to have a DPO applies if you are a public authority, if your regular activities require large-scale and systematic monitoring, or if your core activities consist of large-scale processing of special categories of data.

Qualifications of a Data Protection Officer

When hiring a DPO, GDPR specifies that the individual must have…

Business Continuity and Disaster Recovery: How to Avoid a Crash Landing

by Randy Bartels / June 14, 2023

I Piloted an Emergency Landing, and So Can You

It can be easy to put business continuity and disaster recovery planning on the back burner if your organization has never been affected by a disaster. But what would happen if a power outage, tornado, or data breach hit your organization and you didn’t have any plan in place? Disaster strikes when you’re least expecting it. It’s critical that you ensure…

5 Questions to Ask When Choosing Your Audit Partner

by Sarah Harvey / September 13, 2023

What would it cost you if your top client was not satisfied with the quality of your audit? In the current threat landscape, it’s absolutely crucial for organizations to find information security audit firms who take risk factors, security and privacy obligations, and cybersecurity seriously. In order to successfully protect your data and your reputation, you must first choose an audit firm. This can be an overwhelming task, but it’s…

GDPR Fundamentals: Roles Under the Law – Controllers, Processors, and Joint Controllers

by Mark Hinely / April 5, 2023

GDPR divides responsibilities for organizations processing personal data based on their role, so determining which role your organization plays is one of the first steps towards GDPR compliance. You cannot know what your requirements or obligations under the law are until you do so. There are three major roles under GDPR: controllers, processors, and joint controllers. Let’s discuss what each of these roles means and how your organization can determine…

GDPR Compliance Best Practices for Today and Tomorrow

by Sarah Harvey / February 6, 2023

Ensuring that your organization is GDPR compliant is paramount if your call center collects, stores, processes, or transmits the personal data of EU data subjects. Because of this, we suggest following these GDPR best practices: Data Mapping: Organizations need to identify where their data is coming from and where it goes. A call center associate might collect a name, date of birth, and email address, but a payment collection associate…