Nearly 10 months after the beginning of enforcement of the EU's GDPR privacy regulation, organizations around the world are still learning plenty of compliance lessons - including how to locate all personal data so it can be protected, according to regulatory experts on a panel at RSA Conference 2019.
Ireland's privacy watchdog has its eye on Facebook. Ten of the 15 major investigations that the Data Protection Commission launched since the EU's tough new privacy law, GDPR, went into full effect in May 2018 are focused on Facebook.
The Federal Trade Commission is reportedly negotiating a settlement with Facebook that includes a multibillion dollar fine for its privacy failures. But the social network is alarmed about the proposed settlement agreement's terms and conditions, The Washington Post reports.
Since the EU's GDPR went into full effect, European data protection authorities have received over 59,000 data breach reports, with the Netherlands, Germany and the U.K. receiving the greatest number of notifications, according to the law firm DLA Piper.
The latest edition of the ISMG Security Report features an analysis of why Google was one of the first companies to be hit with a major GDPR fine, plus a global update on GDPR compliance trends and an in-depth report on shifts in malware.
Cisco is out with findings from its 2019 Data Privacy Benchmark Study, which shows the impact of GDPR compliance as well as how customers are asking more questions about how their data is secured. Cisco Chief Privacy Officer Michelle Dennedy analyzes the survey.
An EU General Data Protection Regulation enforcement action against a hospital in Portugal demonstrates complying with GDPR may be even tougher than complying with HIPAA. Regulatory experts analyze the implications of the case.
The number of data breach reports filed since the EU General Data Protection Regulation went into effect has hit nearly 3,500 in Ireland, over 4,600 in Germany, 6,000 in France and 8,000 in the U.K. Regulators say more Europeans are also filing more complaints about organizations' data protection and privacy practices.
As of March 1, 2019, the two-year transition comes to an end, and covered entities are required to be in compliance with the New York Department of Financial Services Cybersecurity Regulation Section 500.11, the Third Party Service Provider Security Policy. What are the key requirements of this section, and how might...
The financial services industry has unique challenges that often prevent it from achieving its strategic goals. The keys to solving these issues are hidden in machine data - the largest category of big data - which is both untapped and full of potential.
Download Banking on Machine Data to learn:
Organizations that don't properly guard their employees' healthcare data and violate HIPAA privacy standards are liable for large fines and often suffer significant brand damage and other negative consequences.
If hackers break into a healthcare company's systems, or an employee leaves a laptop in a coffee shop or...
A key amendment to Canada's Personal Information Protection and Electronic Documents Act goes into effect on Nov. 1. What are the baseline standards for compliance, and how does this change impact risk transfer and mitigation?
While PIPEDA is not a new law and been on the books for a long time, what is coming is...
Breached businesses in Europe: Brace for more class action lawsuits seeking material and non-material damages filed by victims following mandatory data breach notifications under GDPR, says attorney Jonathan Armstrong. He predicts more breach-related suits will succeed in Europe than in the United States.
A key amendment to Canada's Personal Information Protection and Electronic Documents Act goes into effect on Nov. 1. What are the baseline standards for compliance, and how does this change impact risk transfer and mitigation? Charlie Groves of CrowdStrike shares his views.