Faced with regulatory penalties, an avalanche of due diligence questionnaires, and stringent contractual clauses, companies of all sizes have been impacted by GDPR. To date, most companies have tackled GDPR [...]
Cloud Companies Can Conquer GDPR with ISO 27018 Certification. Almost a year into a post-GDPR world, the question for many cloud service providers is still, “How do I evidence GDPR compliance?” With no meaningful certification in sight, the time is now for cloud service providers to be proactive in showing how they protect customer data in accordance with GDPR.
The EU-US Privacy Shield may soon be a thing of the past after the European Parliament passed a resolution on July 5th, calling on the European Commission to suspend the [...]
The Data Protection Impact Assessment (DPIA) is a significant new burden on data controllers under GDPR. As many have noted, GDPR does not clearly outline when a DPIA is required, [...]
On February 21, 2018, the SEC issued new guidance on cybersecurity disclosures for public companies. As an “interpretive release,” the new guidance interprets existing laws. In this case, the SEC [...]