Privacy Ref Blog by Tag

Tag "Privacy Program Governance" returned 25 posts


Burying your head in the sand won’t make Data Protection requirements go away

Recently, I had dinner with a colleague that I had not seen in several years. Their company, a multinational with global operations, had undergone several changes in that time. When the dust settled, this friend had been tapped as “privacy manager”. Along with corporate counsel (part time for privacy), they decided that, even under GDPR, they did not need a Privacy / Data Protection Officer. Huh? Continue reading this post…

Posted on September 18, 2017 by Bob Siegel - No Comments


Privacy Ref and CyberDefenses Bring Privacy and Security Together

There is a saying that you can have security without privacy, but you cannot have privacy without security. While privacy and security are both concerned with the protection of information held by an organization, security provides the means to meet the business requirements identified to meet privacy demands from regulators, customers, employees, and other stakeholders.

Privacy Ref works with our clients to improve their business and operational practices for protecting personal information. Increasingly our clients have been looking for services to supplement their security practices, tools, and expertise. CyberDefenses fills this role. Continue reading this post…

Posted on August 14, 2017 by Bob Siegel - No Comments


What is the difference between privacy and security?

One question that I am frequently asked is “what is the difference between privacy and security?” It sounds simple enough, but the response often gets complicated. Maybe an analogy will help. Continue reading this post…

Posted on May 24, 2016 by Bob Siegel - No Comments


Three privacy thoughts to start 2016

Over the past few days I have been pondering everything that has happened in privacy in 2015 and the impact on organizations. My intent was to write a retrospective blog entry, but this morning I decided to look ahead and not in the rear-view mirror. So here are three thoughts to kick off 2016. Continue reading this post…

Posted on December 31, 2015 by Bob Siegel - No Comments


Privacy Impact Assessments: Organization-specific or Generic PIAs

I recently had a conversation with a colleague about privacy impact assessments, PIAs, and the tools available to administer them. We quickly became philosophical, trying to weigh whether a generic tool would work or if something that is organization specific is necessary.
Continue reading this post…

Posted on December 7, 2015 by Bob Siegel - No Comments


Cost of a data breach: $201.00 or $0.56 per record?

It is the season for annual data breach reports to be published. This year a statistic that has raised interest is the average cost of a data breach. One report shows a figure just above $200 while another shows less than $1. While, as you will see, both these numbers provide interesting guidelines, they may be irrelevant to your business.
Continue reading this post…

Posted on May 11, 2015 by Bob Siegel - No Comments


Radio Shack’s Privacy Notice Oversight

Growing up I spent a good amount of time at Radio Shack. I liked to “play” with electronics just to understand how things worked. It always bothered me that they asked for my zip code for every transaction, but they still got my money. That may be in part why I became a privacy professional.

I continued to visit the chain in recent years, mostly for batteries and replacement parts. How was I to know that, in spite of their privacy notice, Radio Shack would eventually try to sell my personal information during their bankruptcy? Continue reading this post…

Posted on March 26, 2015 by Bob Siegel - No Comments


5 Privacy Priorities for Business for 2015

In 2014 there seemed to be a new data breach every week. Be it credit card data, student information, social security numbers, or corporate intellectual property, the personal information of any business’s clients, employees, or of the business itself were exposed. Here are 5 priorities that you should consider for your business as we embark on 2015.
Continue reading this post…

Posted on January 1, 2015 by Bob Siegel - No Comments


Privacy Awareness: Training lays the foundation

A successful privacy awareness program includes ongoing activities to keep privacy “top of mind” for the members of an organization. It supplements a privacy training program that conveys information in a formal learning environment. For an awareness program to meet its goals, a training program must provide the foundation for your privacy program. Continue reading this post…

Posted on September 7, 2014 by Bob Siegel - No Comments


Is your organization “privacy aware”?

Every time I read the news it seems there is a new data breach impacting client or employee privacy. Just last week UPS, Supervalu, Community Health Systems, North Dakota University, Shaw’s / Star Market / Albertson’s, and Schnucks have all been mentioned in articles related to new or recent data breaches. Of course there are also the ongoing articles discussing the costs and other ramifications of the Target breach.

According to the Ponemon Institute’s 2013 Cost of a Data Breach Study: Global Analysis, 35% of all data breaches are due to a human factor such as a negligent employee or contractor. Breaches attributed to human factors can be avoided by improving your privacy awareness program. Continue reading this post…

Posted on August 24, 2014 by Bob Siegel - No Comments

News

May 10, 2017

Predictive Breach Cost Model
Download our predictive breach cost model here.

Latest Blog Posts

October 30, 2017

PSR 2017 in Review
After a long trip from the northeast to San Diego, I finally made it to another exciting Privacy, Security, and Risk Conference from the IAPP. With GDPR on the horizon, the air was thick with discussion of this regulation in effect in May of next year. Even more so, a lot of questions received at the Privacy Ref booth were focused on this law, or preparing a privacy program through assessments data mapping. Overall, a great show with a few major themes. Continue reading this post...

The key to effective privacy training
I spend a lot of time facilitating privacy training. Whether it is directly for our clients or on behalf of the IAPP or their training partners, there are common elements to a successful educational event. Continue reading this post...
