CCPA is the latest regulation which should be a concern for all companies with California residents in their databases. There are less than 90 days left to be ready to comply with CCPA, on top of the other regulations.

In January, I’ll start a new game: ask a company to retrieve all the information they have about me in less than 45 days. One of the requirements of CCPA, is to be able to reply to a customer request to have access to all the data you have about them in less than 45 days. These are called the Verifiable Customer Requests. You may be able to complete 10, 20 replies. But what if you received 10 every day? What does it take to keep your customers happy and being compliant?

In the digital age, more often than not, you can be sure that some enterprise has hold of your personal information. This information could be your name, email, phone number, IP address, country and other details. This can come from submitting a form, subscribing to a newsletter, accepting cookies, accepting the privacy policy or terms and conditions when creating an account or downloading software.

GDPR is a landmark in privacy jurisdiction. Through its 99 articles, it sets a framework for both businesses and individuals on their rights and responsibilities when it comes to protecting privacy. The most important element in my opinion is that privacy functions a fundamental human right and needs to be protected.

Despite GDPR having been enacted over 15 months ago, over half of UK organizations are still not compliant with the General Data Protection Regulation (GDPR). The report released by Egress, GDPR Compliance: where are we now?, polled 250 GDPR decision-makers and found that 52% were not fully compliant with the new regulation. Even worse, 35% of respondents claimed compliance with the EU-wide data protection regulation had actually dropped down on the priority list over the past year.

Security is an ongoing effort. It’s worth assessing your security situation from time to time, and as GDPR fines have started to land, it’s a good time to review your data movement and storage setup. Recently, the news broke that British Airways must pay an astounding £183 million fine because of last year’s data breach.

“I’d like to pay with my credit card.” “Sure! Let me have your card. Could I also get your full name, phone number, and address?” “Yeah. It’s Logan Lovato, and I live at 1 Lemon Street, Anaheim. My number is 714.308.75xx.” This was a common occurence at retail stores across the US in the not too distant past. People shared their information and didn’t think much about it.

In July 2019, UK Information Commissioner’s Office (ICO) announced its intention to fine two companies for violating the European Union’s General Data Protection Regulation (GDPR). ICO began by disclosing its intention to penalize British Airways in the amount of £183 million (approximately $224 million) on 8 July.

May 25, 2019 marked the one-year anniversary of the European Union’s (EU) General Data Protection Regulation (GDPR) coming into full effect. This milestone serves as a timely reminder for any business in the EU or doing business with EU residents on both the implications of failing to protect data and the procedures needed to prevent this from happening.

What’s happened? British Airways is facing a record fine of £183 million, after its systems were breached by hackers last year and the personal and payment card information of around 500,000 customers were stolen. 183 million quid!? That sounds huge! Yes, it’s the biggest fine ever handed out by the UK’s Information Commissioner’s Office (ICO).