All PrivSec Global On-Demand November 2022 articles
-
VideoLeveraging Data in your Ethics and Compliance Programs
Ethics and compliance programs have more data available to them than ever before. Capturing data on program activity and impact can be a powerful tool to assess whether your ethics and compliance program works in practice. Many companies also find value in benchmarking their programs against industry norms and in response to risks. That said, data’s nascency in the ethics and compliance space means we are still struggling to understand what to do with all this data, and how to know what it is telling us.
-
VideoChildren’s Privacy: Steps Towards a Less Data-Hungry Web for Kids
Regulators worldwide are getting serious about children’s privacy. From the “children’s codes” established in jurisdictions like the UK and Califorina, to the recent enforcement action against Instagram and TikTok—it’s becoming increasingly clear that the web is likely to change so that children are better protected.
-
VideoPrivacy Risk Assessments in the US: Why, When, and What?
A standard practice from other global privacy laws has hit the US: privacy risk or data protection assessments (commonly known as PIAs) are now required under certain criteria for the processing of personal data in all new state laws, except Utah. Beyond regulatory compliance, a comprehensive and integrated assessment program embeds privacy by design into your organization’s data strategy and enables you to manage risk at scale.
-
VideoShould Data Protection Experts Also Be AI Experts?
AI is advancing fast, and playing an increasingly important role in many organisations’ operations and business models.
-
VideoInsider Threats and Accidental Disclosure: The Biggest Causes of Data Breaches?
Much of the work of security professionals focuses on securing an organisation’s perimeter and keeping malicious actors out. But one of the most significant threats to privacy and security is accidental disclosure of data by employees.
-
VideoOT and IT: Differences, Controls, and Key Integration Points
We all know IT - the laptops, phones, applications, and cloud applications we use at work and home, that manage information. Systems that run industrial systems – electric utilities, gas pipelines, water systems, and manufacturing plants – are Operational Technology (OT).
-
VideoUnifying Privacy Management and Information Security Compliance: Building a Bridge to Improved Efficiency
The work of privacy and security professionals looks quite different day-to-day. But these two disciplines share a lot in common, and there are areas where working in silos does not best serve the interests of employees, organisations or even users.
-
VideoThat’s The Way The Third-Party Cookie Crumbles: The Future of Online Marketing
As a sector, digital marketing has long been beset by compliance issues and has been subject to a great deal of high-profile enforcement action.
-
VideoManaging Third-Party Risk: The Role of Data Protection and Privacy Professionals
Organisations find themselves working with an ever-larger network of third-party companies. And much of the work of managing these third parties falls to privacy professionals: from preventing data breaches to drawing up data processing agreements and facilitating international data transfers.
-
VideoWho Would be a Chief Privacy Officer? Pressures, Workflow and Future Trends in the Role
The role of Chief Privacy Officer (CPO) has existed since the early 90s, but CPOs have become increasingly commonplace as companies use more personal data in increasingly innovative—and sometimes risky—ways.
-
VideoSecurity Lessons From the Year’s Biggest Hacks
Every year, high-profile security incidents make headlines—and 2022 has been no exception.
-
VideoCould Meta Really Pull Out of Europe? The (Unintended?) Consequences of International Data Transfer Rules
Schrems II affected many companies’ ability to transfer data from the EU to the US. Meta has repeatedly stated that an order to stop transfers could force the company to stop offering Facebook and Instagram services in Europe.
-
VideoDraft EU Legislation You Need to Know: AI Act, Cyber Resilience, Data Act and More
The GDPR changed the data protection sector immeasurably. But other upcoming EU laws could be equally significant in other ways.
-
VideoData Rights Management: Creating a Seamless, Efficient and Compliant Process
Data subjects are becoming increasingly aware of their data rights (Article 15) through to automated individual decision-making (Article 22). The challenge is, how do data controllers continue to meet the increasing demand for such requests.
-
-
VideoBridging Borders: How to Manage International Data Transfers
Personal data can be an organization’s most valuable, but also riskiest type of data. This data is governed by an ever-evolving regulatory landscape as reflected by the complexity of managing cross-border data transfers. Most recently the Schrems II case which has highlighted the direct conflict between US surveillance law and EU data protection.
-
VideoPreparing for the UK’s GDPR and PECR Reforms
Data protection practitioners in the UK have had a rocky couple of years. From Dominic Cumming’s 2018 comments on “binning” the “idiotic” GDPR, to the TIGRR Report, the DCMS consultation and the now possibly-binned Data Protection and Digital Information Bill.
