GDPR Fundamentals: Roles Under the Law – Controllers, Processors, and Joint Controllers

by Mark Hinely / April 5, 2023

GDPR divides responsibilities for organizations processing personal data based on their role, so determining which role your organization plays is one of the first steps towards GDPR compliance. You cannot know what your requirements or obligations under the law are until you do so. There are three major roles under GDPR: controllers, processors, and joint controllers. Let’s discuss what each of these roles means and how your organization can determine…

When Will It Happen to You? Top Cybersecurity Attacks You Could Face

by Sarah Harvey / November 20, 2023

In the 2017 Internet Crime Report, an estimated $1.4 billion was lost due to different types of cybersecurity attacks. So, what does that mean for your industry? Simply put: no organization is safe these days. Data breaches have been occurring much more frequently, and malicious hackers are looking for any weak link in your organization to compromise your security posture. You must learn how to protect yourself, your clients, and…

GDPR Fundamentals: Legal Basis For Processing Data

by Mark Hinely / April 5, 2023

6 Legal Bases for Processing Personal Data

One of the seven major data processing principles of GDPR is to ensure that personal data is processed lawfully, fairly, and transparently. To comply with this principle, Chapter 6 of the GDPR requires any organization processing personal data to have a valid legal basis for that personal data processing activity. Think of these as scenarios in which it would be lawful to process…

The First Step in Vendor Compliance Management: Risk Assessments

by Sarah Harvey / June 13, 2023

If your organization utilizes a third-party vendor to conduct part of your business process – whether that be billing, customer service, data processing, etc. – the risks associated with that partnership could ultimately put you out of business. Because of this, establishing a formal risk assessment process allows organizations to do their due diligence and lays the foundation for effective vendor compliance management. But how can it be done? You…

GDPR Fundamentals: Data Subject Rights

by Mark Hinely / April 5, 2023

GDPR is such a revolutionary law because its focus is so heavily on the data subjects and protects personal data not only in the shape of security, but also in privacy. The law actually gives data subjects seven rights, outlined in Chapter 3. These seven rights of data subjects ensure transparency between data subjects and those organizations that are processing their personal data and include: Right to access Right…