Data Privacy
Data privacy, also known as information privacy, focuses on the proper handling of data usage, consent, notice, and regulatory obligations. It also includes discussion on the right to control how data is collected, shared, retained, or deleted. Our data privacy blog posts and news articles are written for compliance officers, auditors, and legal professionals. They include expert insights, opinions, training opportunities, events, whitepapers, podcasts, and webinars.
On March 24, Utah joined the ranks of California, Colorado and Virginia, becoming the fourth U.S. state to enact a consumer data privacy law. But it will not be the last, says Alexis Kateifides, senior counsel at OneTrust’s Centers of...
Read more
Data anonymization techniques that maintain a 1:1 relationship between personal info and the people to whom they relate are appropriate in certain use cases. But depending on these techniques in live production environments leaves companies—along with their users and/or employees—vulnerable...
Read more
Since last year's Data Privacy Day, system down times have continued to lengthen. Cyber insurance has continued to grow more expensive. AI remains a double-edged sword. As always, awareness training and security protocols serve the best shields in the ongoing...
Read more
In 2022, nations and organizations around the world will continue working to protect customer data against hackers and accidental breaches. From new international regulations to artificial intelligence, here is a look at how cyber compliance is shifting priorities. We often...
Read more
Third-party risk management (TPRM) has grown in prominence as organizations increase their reliance on external parties, from cloud providers to credit card processors. As more enterprises invest in this critical business function, certain best practices are becoming key to a...
Read more
Moving the needle on data privacy and infosec can be a Sisyphean task. In the struggle, many directors and executives have reached a point of cybersecurity fatigue. But threat actors are only gaining steam. With updating security protocols, the goal...
Read more
Getting hit by a ransomware attack can throw your week, if not your month or your year, into disarray. But depending on the breach, you might have several viable paths forward to recover your data. You might even be able...
Read more
On December 15, 2020, the European Commission published its proposals for the European Union Digital Services Act (EU DSA), which aims to create a safer online environment for EU citizens by legally requiring online service providers to swiftly remove illegal content...
Read more
On May 12, 2021, the U.K. government published its draft Online Safety Bill which will place a legal obligation on online platform operators and interactive website owners to swiftly remove illegal content. Under the draft bill, very large online platforms,...
Read more
In many spheres, PCI DSS is like the law of gravity: It affects just about everything. PCI DSS 4.0, the first major update since 2013, is right around the corner. If your business so much as smells cardholder data, this...
Read more
Both your company's data supply chain and its physical version have fundamentally similar business risks. Given the consequences of unethical practices along both, enterprises can no longer ignore how data is sourced, how it is managed or where it is...
Read more
TrustArc, the leader in data privacy management and automation has released its 2021 TrustArc Global Privacy Benchmarks Report. Now in its second year, the report highlights how companies’ priorities and strategic approaches to data privacy and security are evolving and...
Read more
