Legislation

bulletproof

Everything you need to know about DPO for schools

As legislation goes, the GDPR could be unique in its insistence that a new professional role, the Data Protection Officer (DPO), be created to ensure its mandates are properly met. But getting a DPO in place is no simple recruitment exercise, and that’s especially true for schools. For starters, people with the requisite mix of abilities and experience to do the job in educational environments are hard to find.

tripwire

What Is the EU Cybersecurity Act and What Does It Mean for US-Based Businesses?

During the previous weeks, we provided a thorough overview of the EU NIS Directive, focusing on the Operators of Essential Systems (OES), the Digital Service Providers (DSP) and the compliance frameworks. Our review of the EU cybersecurity policy and strategy would be incomplete without mentioning the EU Cybersecurity Act.

manageengine

South Africa's GDPR: The POPI Act and its impact on Desktop Central users

The Protection of Personal Information (POPI) Act puts South Africa’s data regulation standards on par with existing data protection laws around the world. It aims to protect personally identifiable information (PII), enforce individuals’ rights to privacy, and provide guidelines for lawfully processing sensitive information and notifying regulators and data holders in the event of a breach.

sqreen

What CCPA means for your security practices

While you may have heard of CCPA, the California Consumer Privacy Act of 2018, it can be hard to know what it means for your organization. In particular, what does it mean for your organization’s security practices? Like GDPR (General Data Protection Regulation) before it, which despite being an EU regulation changed practices around the world, CCPA affects more than California. It’s something that all organizations around the world will need to pay attention to and comply with.

reciprocity

How to Comply with the Sarbanes-Oxley (SOX) Act

Compliance with the Sarbanes-Oxley Act of 2002 is a legally mandated must for all U.S. public companies and some other entities, as well. But meeting the requirements of this important law can be incredibly difficult. Preparing for a SOX compliance audit requires so much work that companies often designate entire teams full-time to the task. The law is that complex.

tripwire

Trading Cookies for U.S. Federal Data Privacy Regulations

The General Data Protection Regulation (GDPR) has been in effect for two years in the European Union (EU). As Americans continue to become attentive to GDPR and their own data privacy, it’s not surprising that some data protection guidelines are emerging in the United States. Indeed, it’s safe to assume that the California Consumer Privacy Act (CCPA) was modeled on the EU’s data privacy framework.

CCPA compliance: Getting ready for enforcement

With enforcement of the California Consumer Privacy Act (CCPA) set for July 1, 2020, it is time for organizations to ensure their compliance strategy is in place. With the CCPA already in effect since January 2020, regulators expect companies to be CCPA compliant now. The CCPA requires organizations to secure the sensitive data they hold, while also protecting the privacy of consumers.

tripwire

What to Expect from Brazil's New Data Protection Law

The European GDPR (General Data Protection Regulation) is one of the most influential consumer privacy laws, having affected 500,000 companies throughout the world. This law has played a crucial role in formulating another substantial privacy law, the California Consumer Privacy Act, which came into effect on January 1, 2020.

bulletproof

GDPR 2 years on - key takeaways and lessons learnt

GDPR recently breezed past its second birthday and, like many two-year-olds, continues to cause concern and confusion for those who have to deal with it. Unlike real two-year-olds, however, GDPR is quite clear in what it demands, and there could be big consequences if those demands are not met. For businesses, failure to meet GDPR’s requirements represents an increased risk of data breaches and the reputational damage and legal repercussions that breaches inevitably lead to.