A Tale of COVID and Privacy

My wife and I have been very careful about “staying within our bubble”, but it was bound to happen. Someone outside of our small group had encountered someone who tested positive and the “bubble” began to burst. It made me consider privacy at this time of the pandemic.

Privacy Certification Exam Study Groups

Recently, Privacy Ref introduced study groups to assist in preparation for IAPP certification exams. It is a need to be filled that I have seen for a while and been asked about in my role as an instructor for the IAPP. The question is what makes Privacy Ref Certification Study Groups different?

Segregation of Duties and Data Inventories

A basic component of a privacy program is understanding what data you collect, where that data resides, and how it flows through your data processing systems. When combined with other characteristics of the data, this knowledge allows a privacy professional to understand what laws and regulations...

Data Breach

Havenly Data Breach Havenly, an interior design website, was recently a victim of a data breach. A group or individual hacker was able to gain access to databases containing roughly 1.3 million records. How this information was accessed is unclear, however there is a significant amount of informa...

The Weakest Embedded Link

The Weakest Embedded Link One of the most difficult vulnerabilities to overcome is human error. You cannot simply program your employees to only open specific emails or attachments and there is no guarantee that training will be effective. When it comes to phishing, you are only as strong as the ...

The Challenge of Data Transfers from the EU to the U.S.

It has been just over a week since Privacy Shield was invalidated, but it feels much longer. Like many privacy pros, I have spent several hours participating in webinars and working with clients to address how to legally accomplish data exports. My clients' question is consistent, "What do I do ...

EU-US Privacy Shield Found Invalid…Now What?

The EU Court of Justice has made a decision today to invalidate the EU-US Privacy Shield agreement. This is a significant change to the privacy landscape in the United States for companies transferring personal information from the EU. The short version of what was decided is that US companies co...

Collaboration Tools

Privacy Notice on Collaboration Tools In this video Bob Siegel talks about collaboration tools in the market, urging companies to read the privacy notice to ensure the information sent over with those tools is being properly protected.  Stay informed! Follow us on Twitter, LinkedIn and YouTu...

Coronavirus, Privacy, and Some Teachable Moments

There is a lot going on right now in the world, however, everyone is focused on one thing and that is coronavirus. Oddly enough, or more likely because I have slowly allowed privacy to take over my life, there are some great lessons to pull from this with regards to privacy. Whether it is discuss...

No Shortage of Privacy Information

At 32-pages, the proposed, modified regulations for the CCPA, are much shorter than the actual law.  That 10,000+ word law has had Privacy professionals crazy busy during the last year. If the CCPA regulations are “short”, then what’s not in short supply is an avalanche of information where ...