Search Results for: gdpr

How GRC solutions help companies meet GDPR requirements


In May of 2018, companies raced to the finish line to accomplish GDPR compliance. Given that it was the first year of GDPR, many industry experts expected to not see any companies fined. That is all going to change in the year ahead. In January 2019, Google was hit with the first major GDPR fine of $57 million, putting an end to the unspoken grace period. Companies should recognize this as a warning: get compliant or risk massive fines. This is especially important as only 59 percent of organizations report meeting all or most GDPR requirements, 29 percent expect to do so within a year, and nine percent will take more than a year.

With the stress of GDPR and potential increase in consumer privacy legislation looming on the horizon, CISOs need help. Rather than continuing to spin their wheels, CISOs should consider governance, risk and compliance (GRC) solutions that simplify GDPR compliance by streamlining operations to avoid fines and penalties altogether. Below I put together three ways that a GRC solution can help.


Microsoft wants GDPR-style privacy laws for the US


It is now a year since GDPR (General Data Protection Regulation) rules came into effect in Europe, and on this anniversary, Microsoft is starting a conversation about bringing similar privacy regulation to the US.

The company praises the privacy framework and says that it has improved how companies handle their customers' personal data. It says that GDPR has inspired a global movement that has seen countries around the world adopt new privacy laws, and that it is time for the US to follow suit.


Half of companies missed GDPR compliance deadline


Only half of companies achieved compliance with GDPR before the May 25, 2018 deadline, and most companies took seven months or longer to achieve readiness.

This is among the findings of a new report from privacy management platform DataGrail which also reveals that two-thirds of companies assigned dozens, or even hundreds, of employees to manage GDPR compliance.


GDPR rules could be used by the UK to fine tech firms for 'harmful content'


The UK is looking at hitting technology companies with financial penalties if they fail to do enough to counter "harmful content" on their platforms.

Jeremy Wright, the Digital, Culture, Media and Sport (DCMS) secretary, says that tech firms need to be made to "sit up and take notice" when it comes to dealing with problematic content. While clearly aimed more at social media companies, the proposals would encompass other technology firms as well. The plans also suggest that search engines should remove links to offending websites, and that some sites could even be blocked completely.


Is GDPR the new hacker scare tactic?


No one questions the good intent behind the EU’s General Data Protection Regulation (GDPR) legislation, or the need for companies to be more careful with the proprietary information they have about clients, patients, and other individuals they interact with regularly. While the provisions within the GDPR do help, they have also created new opportunities for hackers and identity thieves to exploit that data.

There’s no doubt that seeking to be fully GDPR compliant is more than just a good idea. Along the way, just make sure your organization doesn’t fall victim to one of the various scams that are surfacing. Let’s take a quick review of GDPR and then dive into the dirty tricks hackers have been playing.


Cisco joins Apple in calling for a US version of GDPR data protection and privacy laws


The roll out of GDPR (General Data Protection Regulation) has changed the face of privacy and data protection for millions of people across Europe. The regulation not only grants people access to the personal data companies hold about them, but also controls how this data can be used and transferred.

Apple's Tim Cook has already voiced his support for GDPR and said that the rest of the world should implement similar regulation. Now he has been joined by Cisco in calling for data laws to be embraced by the US as they have been in Europe.


Finance remains top target for phishing attacks as scammers exploit GDPR


New figures from Kaspersky Lab show that more than a third (35.7 percent) of phishing attempts in the second quarter of 2018 were related to financial services via fraudulent banking or payment pages.

The IT sector was second hardest hit, with 13.83 percent of attacks targeting technology companies, a 12.28 percent increase compared to Q1.


5 keys to customer data protection now that GDPR is here


Protecting customer data should always be a top priority for businesses. But doing so is increasingly extending beyond moral responsibility and taking on the form of legal requirement. As you’ve surely heard, the General Data Protection Regulation (GDPR) took effect May 25. This set of regulations, which replaces the Data Protection Act 1998, legislates online data rights for any organization that sells products or services to European Union (EU) customers.

Complying with these new rules might seem daunting (and even unnecessary) for US-based small businesses, particularly since there’s still a lot of confusion regarding the specifics of these new rules and requirements. But if you can understand these five keys to customer data protection, it will go a long way toward helping your business achieve compliance.


Solving for GDPR: It’s about technology and human behavior


GDPR -- it’s a nightmare for organizations, but a much-needed protection for citizens in our world of Cambridge Analytica, criminal hackers, and nation-state cyberthreats. There are many aspects of the regulation that are extremely tricky to implement, but let’s consider just one. Imagine the following scenario:

A new customer signs up to your eCommerce website. Their data gets moved into several back-end systems; maybe a CRM, an accounts system, an order management system, marketing, and probably some kind of data science workbench. Sometime later, an analyst is tasked with analyzing new customers and their behaviors, their retention rates, and other important factors. They know customer data is spread out across dozens of these systems, so they ask IT to prepare a dataset for them. Maybe a month later IT come back with a dataset that has been provisioned in the corporate Data Lake. The data isn’t quite fit for purpose and contains far more information than the analyst needs.


Mixmax Gmail-enhancer gets even better with new GDPR-focused features

Gmail is a great tool for personal email, but for business, not so much. Don't get me wrong, some organizations use it with great success, but overall, it is a bit weak. If you are a professional that uses Gmail, please know there is a really cool tool to enhance the service -- Mixmax.

If you aren't familiar, Mixmax leverages a special Chrome plugin to breathe new life into Google's email service -- we reported on it back in 2015. It lets you do things like track email engagement, more easily schedule meetings, and embed presentations, to name a few. It can even integrate with popular services like GitHub, Dropbox, and Salesforce. Mixmax is used by some very reputable companies too, such as Google, LinkedIn, and Uber.


Ghostery makes a huge privacy gaffe when emailing customers about GDPR


Ghostery is a company rooted in privacy, so that the firm should accidentally reveal users' email addresses would come as something of a surprise. Over the weekend, however, this is exactly what happened.

The company -- as many others have been doing recently -- emailed its users with details of its updated privacy policy that complies with GDPR. Unfortunately, the message exposed the email addresses of hundreds of customers as the company failed to make use of the BCC field.


Some US websites are blocked in the EU as GDPR day arrives


It has been impossible to avoid stories about GDPR over the last few weeks and months, and today the new rules regarding privacy and personal data come into force across the EU.

Inboxes across Europe have been flooded with GDPR-related emails as companies have rushed to comply with the new regulations that require them to seek consent from users to collect data about them. But now GDPR day has arrived, dozens of US websites are blocked in the EU.


Microsoft will roll out 'key' GDPR rights globally... not just in Europe


The clock is ticking for the arrival of GDPR (or General Data Protection Regulation) in Europe. As of May 25 -- this Friday -- new regulations will give people greater access to the data companies store about them and the right to have it deleted.

Microsoft is among the global technology firms that will have to comply with the laws in Europe and -- pointing out how it appreciates "the strong leadership by the European Union on these important issues" -- the company says that it will also roll out some of the benefits of the privacy legislation on a global basis. It will be known as Data Subject Rights.


Half of employees not aware of their company's GDPR preparations


With GDPR coming into force at the end of this week, new research from Egress Software Technologies found over half of respondents were in the dark about what their company was doing to prepare for the legislation.

Only 43 percent of the 1,000 respondents were aware of preparations, and there is also a lack of awareness surrounding personal data in general. One in 10 are unaware they are handling personal data in their day-to-day jobs and 57 percent are unable to correctly identify when it would need to be protected.


Getting ready for GDPR with Office 365


Enforcement of the GDPR Regulation will begin this May 25. Are you ready? If not, Microsoft offers some information-protection solutions to help your organization identify, classify, and protect your data. The tools track your adherence to the regulations, ensure you’re able to identify sensitive data, and can prevent that data from escaping your organization via email, etc.

While this article focuses on GDPR policy management, the info also applies to other regulations (e.g. HIPAA).

