What to Ask Your Vendors About GDPR Compliance

by Sarah Harvey / December 16, 2022

Are Your Vendors Data Processors? Vendor compliance management is a key starting point towards GDPR compliance. When your organization is deciding whether to use a vendor as part of your GDPR compliance efforts, you must follow GDPR vendor (processor) compliance management best practices. As a controller, you determine the purpose and means for processing personal data. You have authority and decision-making over personal data and take on the responsibilities of…

Understanding the Importance of Information Security and Personal Privacy for Your Employees

by Benjamin Wright / December 22, 2022

 Why Do You Need a Security Awareness Program? Continuous education is a key way that organizations can ensure that their employees stay up-to-date with current industry best practices, and teaching employees and contractors the importance of information security and personal privacy should be an integral part of it. For organizations who process personally identifiable information (PII) and protected health information (PHI), maintaining a security awareness program allows organizations to…

Been Breached? How to Report Consumer Risk with a Risk Assessment

by Benjamin Wright / April 12, 2023

 Using a Risk Assessment to Report Consumer Risk Because there are so many different laws that regulate how and when an organization must give notice if it has had a data security breach, understanding what the correct plan of action is for your organization or determining how to report consumer risk from breaches might be daunting. Nevertheless, the laws do have one major commonality: does the consumer suffer a…

Benjamin Wright on Information Security and Digital Investigations

by Benjamin Wright / December 22, 2022

 Who is Benjamin Wright? Benjamin Wright is an attorney from Dallas, TX. He is also an instructor for the SANS Institute, where he teaches a five-day course called the “Law of Data Security and Investigations.” In this video series, KirkpatrickPrice partnered with Wright to create introductory educational materials on a variety of topics related to information security and digital investigations. While this video series provides a general overview on…

7 Deadly Breaches of 2018 (So Far)

by Sarah Harvey / December 16, 2022

With the complexity of the current threat landscape, organizations must be more alert than ever to potential data breaches. Who will be next? What happened? What will the fine be? While we’re only midway through 2018, we’ve seen headline after headline from organizations who have come forward to notify their customers of breaches. Let’s a take look at some of the top data breaches of 2018 to learn what went…