Preston Bukaty Archive
More and more organizations are looking for guidance on implementing and certifying to ISO 27001. But what exactly is ISO 27001? What does it require? Many clients with an IT or technical background expect a list of security controls – …
What is the CMMC (Cybersecurity Maturity Model Certification)? The CMMC is a new cybersecurity standard for companies working with the U.S. DoD (Department of Defense) and its data. This framework will serve as a tiered certification scheme to help the …
The only thing that seems to keep up with technology these days are the laws implemented to regulate its safe use. Although Europe’s GDPR has been in effect since 2018, recent guidance from Belgium’s regulatory authority will have companies questioning …
On May 4, 2020, Californians for Consumer Privacy announced that it had collected more than 900,000 signatures to qualify the CPRA (California Privacy Rights Act) for the November 2020 ballot. Also known as ‘CCPA 2.0’, the CPRA enhances privacy protections established by the CCPA (California Consumer Privacy Act) and builds …
On January 31, 2020, the United Kingdom withdrew from the European Union, creating a tricky situation regarding the EU GDPR (General Data Protection Regulation). As the GDPR is an EU regulation, the UK will no longer be subject to it …
Is your organization on top of its requirements for the CCPA (California Consumer Privacy Act)? The CCPA came into effect on January 1, and requires organizations to tell California residents when their personal data is being collected and what it’s being …
We’re more than a year into the era of the EU GDPR (General Data Protection Regulation), but organizations across North America are still struggling to understand how, and if, the Regulation applies to them. It’s understandable that many companies outside …
In the middle of a market suffering lower-than-expected earnings reports, two tech companies stand out for their approaches to privacy. Google, which recently shuttered its social media service Google Plus following a major data breach, is now under scrutiny from …
In November 2018, certain amended provisions of Canada’s Personal Information Protection and Electronic Documents Act (“PIPEDA”) take effect. Mandatory breach reporting and record-keeping provisions come into force Nov. 1, requiring businesses to update their breach readiness and response efforts in order to comply with …
