Compliance

Cybersecurity breaches, attacks, data and customer privacy issues involving compliance regulations like HIPAA, PCI, Sarbanes-Oxley and more.

GDPR and Consent: What to Consider

According to the General Data Protection Regulation (GDPR), an entity must have a “valid lawful basis” to process personal data. What does that mean? Trustwave offers these answers.

California Goes Beyond GDPR With Data Privacy Law

The California Consumer Privacy Act of 2018 will take effect January 1, 2020. The legislation resembles the European Union’s General Data Protection Regulation (GDPR). Here are the differences.

SEC Fines Mizuho for Failing to Protect Customer Data

It is not enough for companies to establish policies & procedures designed to prevent the misuse of material nonpublic information. Companies must also enforce those policies & procedures. That’s the lesson from the SEC’s recent settlement with Mizuho Securities USA.

Oregon Amends Data Breach Notification Law

Oregon’s amended data breach notification law has new requirements, prohibits fees for security freezes and adds a specific notification timing requirement, Hunton Andrews Kurth explains.

Texas Medical Center Fined $4.3 Million for HIPAA Security Violations

A Texas cancer treatment center has been fined $4.3 million in civil penalties for violating HIPAA compliance rules.

Data Mapping: A Key Challenge in Achieving GDPR Compliance

The first step toward GDPR (General Data Protection Regulation) compliance is to map or collect all the personal data of the company. What does that mean? ISACA explains.

Arizona Amends Data Breach Notification Law

Arizona recently amended its data breach notification law, which now features a 45-day breach notification requirement. Hunton Andrews Kurth explains.

3 Immediate Steps to Lower Your Security Risk

Managing risk across an organization requires a lot of different things: setting strategy, determining tolerance, defining metrics. Delta Risk offers this advice.

Does Yahoo’s SEC Cyber Disclosure Settlement Set Enforcement Bar?

The SEC’s recent $35 million settlement over the Yahoo! data breach provides an object lesson in the consequences of failing to publicly disclose a major cyberattack.

Colorado Law Tightens Data Breach Notification Rules

Colorado Gov. John Hickenlooper has substantially tightened reporting requirements for organizations hit by a data breach and firmed up measures to protect consumers’ confidential information.