All Data Privacy articles – Page 5
-
Blog
Avoiding Vanguard’s cyber-security stumble
Image: A recent incident at Vanguard in which the company unintentionally sent 71 e-mails pertaining to different customer transactions to a random Vanguard customer triggered a flawed response from the company that demonstrates how SEC-registered entities can underestimate just how difficult it is to manage customer data-related predicaments. CW’s John ...
-
Article
Healthcare, ransomware, and effective cyber-security hygiene
Imagine this: You’re a large healthcare provider whose staff is having trouble accessing vital records in your hospital’s computer network. Your IT department begins an immediate investigation and determines the cause to be a malware attack. Worse yet, the attackers are demanding ransom to obtain the decryption key. How do ...
-
Blog
Apple, the FBI and a terrorist’s iPhone
As the FBI continues its investigation into the deadly San Bernadino terror attack from last December, it has run into an unlikely adversary in Apple, which has refused the Bureau’s requests to defeat the security measures of one of the terrorists’ iPhones. While the legal struggle over this raises the ...
-
Blog
EU, U.S. Agree on New Safe Harbor Framework
The European Union and the United States have agreed on a new framework that will allow for trans-Atlantic data flows between Europe and the United States. The new arrangement will provide stronger obligations on U.S. companies to protect the personal data of Europeans and stronger monitoring and enforcement by the ...
-
Article
Preparing for the EU’s new Data Protection Rule
Sweeping changes to the EU’s data protection laws means new compliance headaches for any U.S. company that collects and handles data on citizens of the European Union. “It’s a game changer, primarily because it sets standards that many companies haven’t had to worry about,” said Hilary Wandall, associate vice president ...
-
Article
Mitigating Cyber-Threats From the Inside Out
As attacks on corporate networks become more common, companies are getting more adept at protecting their most valuable assets against cyber-threats outside the company, but it’s the insider threats that continue to elude many. Inside, we walk through the difficult part of insider-threat programs: not just creating the program and ...
-
Blog
The Big Challenge in New EU Data Protection Law: Values
Image: This week European officials agreed to a final text for a sweeping new data protection law. Compliance officers in the United States should brace themselves: not only does the legislation threaten huge fines and complicate corporate marketing efforts enormously; it underlines the fundamentally differing views Europeans and Americans have ...
-
Blog
What Makes a Good ‘Pen Tester’
Penetration testing is the exercise of testing a company’s cyber-security defenses, and finding the right “pen tester” to do that can be difficult. Learn how to find the right blend of capable, trustworthy, and innovative cyber-security professionals. More inside.
-
Blog
Irish Data Regulator Probes Facebook’s European Privacy Practices
Image: The investigation by Ireland’s Data Protection Commissioner Helen Dixon into Austrian law student Max Schrems’ privacy complaint will continue in light of the recent decision by the European Court of Justice to invalidate the Safe Harbor program for international data transfers between the United States and the European Union. ...
-
Blog
Double Trouble in Internal Investigations After Schrems
Image: Last week another huge shift in the compliance world happened: the Schrems decision by the European Court of Justice, finding that the previously presumed European Union Safe Harbor regime is invalid. For the anti-corruption compliance practitioner, the decision is double-trouble when you consider it in light of the recent ...
-
Blog
With Safe Harbor Squashed, What's Next for European Data Transfers?
As anticipated, on Tuesday the European Court of Justice ruled the Safe Harbor program for international data transfers between the United States and European Union is invalid. While U.S. officials fret that the ruling will “undercut the ability of other countries, businesses, and citizens to rely upon negotiated arrangements with ...
-
Article
Data Security Impasse Overturns Safe Harbor Program
An Austrian student’s displeasure with Facebook has invalidated the longstanding trans-Atlantic Safe Harbor program for international data transfers. That complaint, originally about Facebook’s alleged cooperation in U.S. government spying, has reached the highest court and Europe and overturned 15 years of data privacy rules. Companies are left with few viable ...
-
Blog
French Data Regulator Rejects Google’s ‘Right To Be Forgotten’ Appeal
Big news this week from France as the Commission Nationale de I’Informatique et des Libertes (CNIL) rejected Google’s appeal against the enforcement of “right to be forgotten.” If Google fails to comply with CNIL’s order, the company may be hit with sanctions, including a €300,000 fine, which could increase to ...
-
Article
Managing Cyber-Risk in the Aviation Industry
Cyber-risks are increasing everywhere, and this week we look specifically at the aerospace sector. Recent high-profile data breaches at major airlines have jolted the industry, which is trying to piece together better ways to manage the risks. “Airplanes themselves have never been more complex, never been more reliant on technology. ...
-
Blog
Banks Fear EU Privacy Rules Will Make Fraud Harder to Detect
Image: Bankers are claiming new EU privacy laws may end up doing more harm than good, as they will prevent banks from detecting fraud and terrorist financing. Consumer rights groups disagree, arguing that the updated laws will pave the way for more transparency and force banks to behave more responsibly ...
-
Article
The Global State of the Right To Be Forgotten
More than a year after the EU established is right-to-be-forgotten principle, U.S. compliance professionals in the tech sector probably wish the decision itself could be forgotten, too. France is insisting that the principle be applied worldwide; even before that ever happens, compliance within Europe is laborious and complicated. Our latest ...
-
Article
CCOs Playing a Stronger Role in Data Privacy Practices
Image: As data privacy laws proliferate, they are creating a web that traps how corporations use personal data in their operations. The challenge for compliance officers: how to play a more strategic role and ensure your business doesn’t get stuck. “The inclusion of the CCO function in defining controls related ...
-
Article
SEC Pushes New Limits on Cyber-Security, Securities Fraud
Another byproduct of life in the cyber-security age: The SEC is redefining insider trading to focus more on improper trading, even if you are a thief mining a company for inside information without actually working there. The misconduct—called, yes, “outsider trading”—seems to be an SEC-enforceable offense so far, and it ...
-
Article
Suddenly, Washington Is Back at Cyber-Security Discussion
Image: For the first time in years, Washington is abuzz with proposed changes to cyber-security disclosure, both in Congress and at the SEC. Above all, experts say, is a need to clarify terminology and expectations. “There should be minimum standards for what that security should be across the board,” says ...
-
Article
Data Governance 101: Getting Started
Amassing terabytes of data is easy; for most businesses, managing those valuable—and sometimes very risky—assets is the hard part. A successful data governance initiative, experts say, isn’t a project you can hand off to the IT department or solve with a software purchase. Compliance, audit, and risk executives all need ...