GDPR Miniseries: Top 5 Things for HR in Relation to GDPR

As a human resources (HR) professional, you may be groaning at the thought of more, required compliance measures. But no one said this would be easy. Some changes are worth the trouble and the GDPR is among those. Plus, noncompliance can be awfully pricey. Companies charged with violating the GDPR face a potential fine of €20 million or 4% of …

Read more...

GDPR Miniseries: Top 5 Things for Marketing in Relation to GDPR

“The right to be forgotten” isn’t just another way to describe ghosting, a practice popular in dating and social circles where uninterested parties disappear without a trace. The right to be forgotten gives individuals the right to have personal data removed or erased from company servers storing their data. The right to be forgotten is one of the fundamental rights …

Read more...

What's Next for GDPR and GDPR Training

Despite the hype around GDPR in May of this year, when the EU’s new General Data Protection Legislation came into effect, many companies still do not have a robust GDPR programme or sufficient protection measures and processes in place. As Jonathan Armstrong of compliance lawyers Cordery explained to Interactive Services, “I think there have been various surveys that have said …

Read more...

Are Data Privacy and GDPR the Same Thing?

As you may already know, one of the biggest changes to EU data protection rules is coming into effect on May 25, 2018. The General Data Protection Regulation (GDPR) is a wide-ranging set of rules you must follow when collecting, processing, and storing an individual’s personal data. Some of its key aims are to strengthen and harmonise data protection legislation …

Read more...

7 Essential Components of Effective Data Privacy Training

“When it comes to privacy and accountability, people always demand the former for themselves and the latter for everyone else.” ― David Brin It seems hardly a week goes by without some news of a data breach or cyberattack, but the latest media firestorm involving Facebook has caught the world’s attention and called into doubt companies’ accountability when it comes …

Read more...

Access Control Requirements & PCI-DSS Training

Access Control Requirements & PCI-DSS Training   Access control and account management allow organizations to deny or allow the use of physical or electronic means to reach PAN and cardholder data.  Access may only be granted on a verified, need-to-know basis. Standard physical access control measures include hardware, file cabinet and server room door locks. Here are the PCI-DSS’ requirements for access …

Read more...

Employee Data Access: 2 Scenarios that Compromise Security

Employee Data Access: Scenarios That Compromise Security Companies are continually challenged with providing appropriate data and system access, not just for new employees but for current ones as well.  Of course, hiring managers want their employees to have access in order to get them up and running as quickly as possible.  In many cases, managers tend to model their requested …

Read more...