5 Ways To Implement Compliant GDPR Encryption Processes

by Hannah Grace Holladay / June 6th, 2022

 The General Data Protection Regulation (GDPR) imposes security and privacy regulations that apply to businesses that store or process European Union residents’ personal data. It enacts a broad range of measures to give data subjects control over their data and protect them from unauthorized exposure.  Encryption is a vital aspect of obtaining GDPR compliance. Encryption protects your organization so that in the event that data is lost, stolen, or compromised,…

Learning from Twitter’s Privacy Mistakes

by Sarah Harvey / August 13th, 2020

Because of the ever-changing landscape of privacy laws, standards, and guidelines, it has become difficult for businesses to know what their obligations are, and even harder to determine what could constitute non-compliance. Fortunately, Twitter’s mistakes now provide us with an example of what a violation looks like. Twitter has been in the spotlight for a recent hack, and now the Federal Trade Commission is investigating its privacy practices regarding targeted…

What’s Going On With the EU-US Privacy Shield Agreement?

by Sarah Harvey / August 6th, 2020

The Latest With Privacy Shield On July 16, the Court of Justice for the European Union made a landmark decision to invalidate the EU-US Privacy Shield arrangement for international data transfers. Prior to this announcement, Privacy Shield was one of several mechanisms for meeting GDPR data protection requirements for data leaving the EU for the US. The Court’s decision impacts the thousands of organizations participating in and relying on Privacy…

How to Write a Privacy Policy (With 3 Sample References)

by Sarah Harvey / March 20th, 2020

The Importance of Privacy Policies in Today’s Data-Centric Landscape It’s no secret that data is now the most valuable asset worldwide. With nearly all organizations relying on some form of data to fuel their business, consumers and policy makers have started highlighting the need to more transparent about how they collect, use, store, and transmit data, starting with their privacy policies. Because consumers have become more interested in how their…

Breach Notification in New York: The SHIELD Act

by Sarah Harvey / December 16th, 2019

On July 25, 2019, New York Governor Cuomo signed the Stop Hacks and Improve Electronic Data Security (SHIELD) Act which amends the state’s breach notification law in order to “impose stronger obligations on businesses handling private data to provide proper notification to affected consumers when there is a security breach.” The breach notification amendments took effect in October 2019, while the data security requirements will take effect on March 21,…