27 March, 2020 | Mike Tierney

Does GDPR Apply to US Companies?

In May of 2018, the European Union enacted one of the world’s strictest set sets of rules for personal data protection. The formal name of this legislation is the General Data Protection Regulation, but it is more commonly known as the GDPR. Handpicked related content: [Free Guide] GDPR...
17 March, 2020 | Ryan Brooks

Data Classification for Compliance: Looking at the Nuances

Data classification is a critical part of any information security and compliance program. It involves identifying the types of data that an organization stores and processes, and the sensitivity of that data, based on sets of rules. For example, data classification is often used to identify data...
3 March, 2020 | Jeff Melnick

Guide to the GDPR for Small Business

Is your organization compliant with the GDPR? Does it need to be? Too many small businesses in the United States don’t know the answer to those questions. It’s understandable, especially considering that the GDPR is a European law. Plenty of US businesses assume that they don’t need to...
27 February, 2020 | Ilia Sotnikov

Privacy Regulations Changing the Face of Cybersecurity

The regulatory climate around the world is changing rapidly. Scores of new regulations, including the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA) and similar laws in other U.S. states, are being enacted in response to growing concerns about privacy and...
30 January, 2020 | Ryan Brooks

GDPR Data Subject Rights: How to Handle the Requests

The General Data Protection Regulation (GDPR) is designed to respond to a growing concern about inappropriate use of personal data and add responsibilities for companies for their response to data breaches. In this article, we explore GDPR data subject rights, including what a data subject...
17 December, 2019 | Ryan Brooks

Data Subject Access Request (DSAR): The Essentials

The EU General Data Protection Regulation (GDPR) grants individuals the right to find out what personal data an organization (called a data controller) holds about them by submitting a data subject access request (DSAR). This right is detailed in Article 15, “Right of access by the data...
12 December, 2019 | Ryan Brooks

The Right to be Forgotten: EU laws and U.S. Concerns

One of the fundamental data privacy rights protected under the General Data Protection Regulation (GDPR) is the right to be forgotten. This GDPR provision can be quite a burden for organizations because each request to delete a data subject’s personal data needs to be evaluated individually and...
24 October, 2019 | Ilia Sotnikov

Why New Privacy Regulations Are a Business Enabler, Not an Enemy

Personal information (PI) is the future of business because it helps provide customers with a customized experience that leads them to buy more. However, companies can no longer collect personal data without restraint, given the growing wave of consumer rights advocacy and privacy regulations such...
18 June, 2019 | Ryan Brooks

GDPR Fines Issued So Far: Key Takeaways

The GDPR at a glance It has been a year since the General Data Protection Regulation (GDPR) came into effect, following years of discussion about data security fit for the digital age. One of the most stringent regulations to date, the GDPR applies to every business or public body that collects,...
11 June, 2019 | Ryan Brooks

Data Security Explained: Definition, Risks and Technologies

More than ever, digital data security is on the agenda in many organizations. The focus on protection of sensitive or critical data, such as intellectual property and personal data, is a result of growing cyber risks and increasingly stringent data security regulations. Today, protecting...
Show more articles
...