Non-Disclosure Agreement Risks – When and How to Sign a Non-Disclosure Agreement

by Benjamin Wright / December 22, 2022

 What Risks are Associated with Signing a Non-Disclosure Agreement? Non-disclosure agreements (NDA) are often used in the technology world as a form of legal control. Many organizations even exchange NDAs amongst themselves; however, an NDA is never risk-free. When looking at an NDA from the perspective of an organization that is asked to sign an NDA that favors another party, that organization is being asked to agree to the…

GDPR Readiness: How GDPR Impacts Privacy Policies

by Sarah Harvey / July 12, 2023

Privacy Policies and GDPR Since GDPR has become enforceable, the impact of the law on privacy policies has been quite noticeable. Did you receive an influx of emails from your favorite companies notifying you of updates to their privacy policies? In an effort to create GDPR-compliant privacy policies, many organizations rushed to meet the May 25th, 2018 enforcement deadline. But what are some of the mistakes these companies are making while…

What NY CRR 500 Means for Vendor Compliance Management

by Sarah Harvey / December 16, 2022

NY CRR 500 and Vendor Compliance In March 2017, the New York State Department of Financial Services Cybersecurity Requirements Regulation for Financial Services Companies Part 500 (NY CRR 500) of Title 23 went into effect, establishing new cybersecurity requirements for financial services companies. NY CRR 500 requires that financial services companies (covered entities) develop a cybersecurity program that protects the confidentiality, integrity, and availability of sensitive customer information and information…

What to Look for in a Quality Vendor

by Sarah Harvey / June 15, 2023

Vendor Compliance Most organizations utilize third-party vendors to assist them in fulfilling their business needs because they just can’t do it all themselves. These vendors play a critical role in allowing organizations to sustain their business, but they can also be a liability for a company. Why? Because if a third-party vendor isn’t properly vetted, they can pose a major risk to an organization. Let’s say that your organization is…

Monitoring Employee Records and Communications Best Practices

by Benjamin Wright / February 22, 2023

 Should Companies Monitor Employee Records and Communications? When organizations supply their employees with personal electronic devices, such as laptops, cell phones, or tablets, they will often have a policy or contract that explains that the employer reserves the right to monitor employee records and communications while they’re using company-owned equipment. Although these devices are used for personal communication as well as work reasons, such policies exist to ensure that…