GDPR stands for “General Data Protection Regulation”, a law enacted in the European Union and EEA member countries which took effect as of May 25, 2018. The GDPR concerns the rights of individuals in the EU to privacy and the protection of their personal data. There must be a lawful bas...
A data breach is an intentional or accidental security incident that leads to the access of sensitive or critical data or its exposure to an unauthorized party.
GDPR establishes a set of customer rights regarding data and takes a broad view of what constitutes personal data, including some information not traditionally considered to be personal data within the United States (e.g. cookie data and IP addresses). How do I determine whether my company is ...
A data breach is the intentional or unintentional release of secure or private/confidential information to an untrusted environment.
Learn about the global costs of a data breach and how to implement the right defenses to protect your business.
GDPR compliance causes some concerns and expectations of security teams. For example, the GDPR takes a wide view of what constitutespersonally identifiable information(PII). Companies need the same level of protection for things like an individual’s IP address or cookie data as they ...
GDPR introduced new terms and rules that set the bar for data privacy worldwide. RoPAs are just one way to ensure a business’s compliance with the Regulation’s standards. According to Article 30,“Each controller and, where applicable, the controller’s representative, shall maintain a record...
The “Right to be Forgotten” may be a much talked about feature of the GDPR, but it actually existed long before this regulation came.
What constitutes “doing business with the EU”? If you’re a local small business who doesn’t interact at all with the EU, I think that you are probably fine tomostlyignore this regulation. I still would recommend making some changes to your privacy policy, as I’ve written about below...
Because you can collect and process an individual’s data from anywhere in the world, data privacy laws like the GDPR need to apply extraterritorially. Organizations based in the U.S. that process EU citizens’ data aren’t off the hook for GDPR compliance by a long shot. The GDPR applies...