A Framework for Privacy Risk Self-assessment

A Framework for Privacy Risk Self-assessment

With the recent raft of worldwide privacy legislation and much more to come, organizations of all shapes and sizes are becoming forced to evolve the way they do business. Those SMEs that can’t bring their operations into compliance with the GDPR, CCPA and other data privacy laws worldwide will be at a significant competitive disadvantage, and may even find that continued non-compliant operation merely is unsustainable. In this “adapt or die” scenario, the essential first step to getting compliant is for SMEs to perform a rigorous self-assessment of their present-state data operation. There are three basic formats to self-assessment: Business units can analyze their practices. Different groups within the agency can review and analyze each other. A single appointed party …

How To Assess Vendors For Data Privacy Compliance

How To Assess Vendors For Data Privacy Compliance

When small-to-medium enterprise (SME) team members begin to consider how the business landscape is changing to increased data privacy regulation, the procurement process is not usually high up on their list of answers. However, SMEs focusing too purely on in-house practices miss a key point. Both the GDPR and CCPA place new responsibilities on data controllers. In other words, the company or another body determines the purpose and means of personal data processing. They need to ensure all third-party vendors who touch their data are behaving in a compliant manner. In short, the controller continues to hold responsibilities for compliance, even when outsourcing processing duties. The in-house compliance will not suffice. It’s now incumbent on SMEs to ensure that the …

What is the CCPA? A Guide to California Privacy Law

Introduction: What is the CCPA? The California Consumer Privacy Act will come into effect on January 1, 2020. This fact may have a significant impact on your business. California is the crown jewel in the United States economy. If it were a standalone country, its $2.7 trillion GDP would be the fifth-largest in the world, sitting ahead of the United Kingdom. Combined with the state’s status as an incubator for tech innovation and consumer culture, California gives outsized importance for all kinds of businesses operating at local, national, and multinational levels. The CCPA forces enterprises reaching a particular scale to contend. Other states will soon follow suit with similar legislative pieces of their own. California has long been a bellwether …