What are the Challenges of a Bring-Your-Own-Device Policy? Given that personal electronics are so prevalent in today’s society, navigating how to implement and enforce policies in the workplace regarding the use of devices (such as cell phones, tablets, and computers) can be challenging. It is often questioned who has the control over the records that are created and stored on such devices – is it the employee or the…
by
Sarah Harvey / December 16, 2022
Are Your Vendors Data Processors? Vendor compliance management is a key starting point towards GDPR compliance. When your organization is deciding whether to use a vendor as part of your GDPR compliance efforts, you must follow GDPR vendor (processor) compliance management best practices. As a controller, you determine the purpose and means for processing personal data. You have authority and decision-making over personal data and take on the responsibilities of…
Why Do You Need a Security Awareness Program? Continuous education is a key way that organizations can ensure that their employees stay up-to-date with current industry best practices, and teaching employees and contractors the importance of information security and personal privacy should be an integral part of it. For organizations who process personally identifiable information (PII) and protected health information (PHI), maintaining a security awareness program allows organizations to…
Using a Risk Assessment to Report Consumer Risk Because there are so many different laws that regulate how and when an organization must give notice if it has had a data security breach, understanding what the correct plan of action is for your organization or determining how to report consumer risk from breaches might be daunting. Nevertheless, the laws do have one major commonality: does the consumer suffer a…
Who is Benjamin Wright? Benjamin Wright is an attorney from Dallas, TX. He is also an instructor for the SANS Institute, where he teaches a five-day course called the “Law of Data Security and Investigations.” In this video series, KirkpatrickPrice partnered with Wright to create introductory educational materials on a variety of topics related to information security and digital investigations. While this video series provides a general overview on…
