The First Step in Vendor Compliance Management: Risk Assessments

by Sarah Harvey / June 13, 2023

If your organization utilizes a third-party vendor to conduct part of your business process – whether that be billing, customer service, data processing, etc. – the risks associated with that partnership could ultimately put you out of business. Because of this, establishing a formal risk assessment process allows organizations to do their due diligence and lays the foundation for effective vendor compliance management. But how can it be done? You…

GDPR Fundamentals: Data Subject Rights

by Mark Hinely / April 5, 2023

 GPDR is such a revolutionary law because its focus is so heavily on the data subjects and protects personal data not only in the shape of security, but also in privacy. The law actually gives data subjects seven rights, outlines in Chapter 3. These seven rights of data subjects ensure transparency between data subjects and those organizations that are processing their personal data and include: Right to access Right…

How to Read Your Vendor’s SOC 1 or SOC 2 Report

by Sarah Harvey / June 13, 2023

Most organizations outsource some aspect of their business to vendors, whether it’s to perform a specific, integral task or replace an entire business unit. Vendors can be in roles like customer support, financial technology, record storage, software development, or claims processing. Using vendors can further an organization’s business objectives, enable them to function more effectively, and may be more cost-efficient. With all these opportunities, organizations must remain aware of the…

GDPR Fundamentals: The Basics of the Law

by Mark Hinely / April 5, 2023

 Have you been clicking “Accept” on a lot more sites asking for consent to use cookies? Did you receive a flood of updated privacy policies from brands you are subscribed to? Have you noticed that companies who’ve been recently breached are giving out a lot more information about the event than they normally would? There is a reason for all of this, and it’s GDPR. What is GDPR? Born…

GDPR Readiness: How GDPR Impacts Privacy Policies

by Sarah Harvey / July 12, 2023

Privacy Policies and GDPR Since GDPR has become enforceable, the impact of the law on privacy policies has been quite noticeable. Did you receive an influx of emails from your favorite companies notifying you of updates to their privacy policies? In an effort to create GDPR-compliant privacy policies, many organizations rushed to meet the May 25th, 2018 enforcement deadline. But what are some of the mistakes these companies are making while…