icon

Compliance

8/26/2019 Compliance

Ask Our VP of Compliance: August 2019

New York has enacted the SHEILD Act to better protect residents of their private information against data breaches. The Act takes effect March 21st, 2020. Luckily, our VP of Compliance covers all the necessary topics in regards to this law. This month, we cover everything you need to know about this law and how to stay in compliance with it! 

This edition we answer:

  • What does SHIELD stand for?
  • What do I need to do to comply?
  • What is considered "Personal Information"?
  • What are "reasonable" data security requirements?
  • Would the SHIELD Act include any exceptions for small businesses?
  • What are the proposed penalties for noncompliance?
  • How can DE help me stay in compliance?
8/14/2019 Compliance

GDPR Fines Are No Joke

In the beginning of the year, we came out with an article discussing GDPR- one year since passing. It was clear that GDPR wasn't something to be taken lightly as the fines stacked up for many companies. Now we have the visual proof. 

7/26/2019 Compliance

Ask Our VP of Compliance: July 2019

A big misunderstanding we see every day when working with clients is that security can be ensured by buying a device, or implementing a software, or changing one small thing. However, security is an ongoing process- it's an attitude. With constant threats emerging, IT security governance is imperative. Our VP of Compliance dedicates this edition to fully understanding IT Security Governance! 

6/27/2019 Compliance

Ask Our VP of Compliance: June 2019

A common question topic posed to me, the VP of Compliance, from both non-IT and IT professionals alike revolve around the concept of RPO and RTO with regards to Business Continuity Management.  Recovery Point Objective (RPO) and Recovery Time Objective (RTO) are two of the most important parameters of a sound disaster recovery plan.

This month, I explain everything you need to know about RPO and RTO! 

5/28/2019 Compliance

Ask Our VP of Compliance: May 2019

Happy Birthday GDPR! On May 25th, internationally we will be “celebrating” the first anniversary of the EU’s General Data Protection Regulation (GDPR). Nearly one year later, have the stricter rules really made a difference? Consumers are definitely seeing more pop-up privacy notices online, thanks to GDPR, but for now the astronomical fines the new regulations threatened have not yet surfaced.

4/24/2019 Compliance

Ask Our VP of Compliance: April 2019

Vendor Management Requirements in CyberSecurity Standards

Are you in control of third-party risk? Do you have a sound vendor management department? Do you audit your suppliers?

3/25/2019 Compliance

Only GDPR Can Cause €56 Million in Fines in Less than a Year

In a short nine months, there has been hundreds of thousands of cases and millions in fines.

And this is just the start.

3/20/2019 Compliance

Ask Our VP of Compliance: March 2019

What Cyber Laws Apply to Me?

It is becoming ever so clear that compliance isn't an easy task handled by the IT department, but that it's a team effort from all the departments. This makes it more difficult in regards to what's applicable so our VP of Compliance has broken down all the laws into simpler terms to be able to distinguish which law you must abide! 

2/21/2019 Compliance

Ask Our VP of Compliance: February 2019

One method of ensuring greater cybersecurity protection in a world of hacks and breaches: to undertake regular and programed cybersecurity audits and assessments.

 

The thought of an audit may strike fear in many individuals at all levels in an organization. Mostly, audits are routine and serve to ensure there is at the minimum a check-and-balance to satisfy whichever regulatory body requires it. When there are non-conformities found, it shouldn't be looked upon as a negative thing. 

 

This month, our VP of Compliance speaks to the benefits of non-conformities

1/28/2019 Compliance

Ask Our VP of Compliance: January 2019

2019: The Year of the Data Breach, Again

“Magic 8 ball, will 2019 be the Year of the Data Breach…again?”

Our VP of Compliance says: All signs point to YES.

With the passing of laws like GDPR and PIPEDA, the Marriott Breach, New York Department of Financial Service’s cybersecurity rule deadlines, increased SEC enforcement, and increase in data breach lawsuits, by the time last December ended, there is no doubt that all industry specialists could not wait to label 2018 as the Year of the Data Breach. However, as we sit in the dawn of 2019, it is becoming ever increasingly clear, that 2019 will in fact be, the Year of the Data Breach, Again.

Let's talk: 800-714-5143

Speak to a specialist