Robert J. Johnson, CSDS, CIPP/US, CIPP/E
Against the backdrop of its annual conference in Nashville, i-SIGMA presented R. Stephen Richards with the Robert Johnson Lifetime Achievement Award, an honor reserved for professionals who have a career-long track record of outstanding contributions to the advancement of records and information management. In commenting on the recognition, Richards said, “My reaction was complete surprise…
Read More
For close to 70 years, case law and regulatory enforcement have firmly established that in order to defend its intellectual property (IP) rights, an organization must demonstrate that it has appropriately protected the information from unauthorized and unnecessary access. In other words, courts and regulators decided long ago that they were not going to defend…
Read More
There may be no more confusing and misunderstood area of controller-processor contracts than insurance and indemnification. Controllers often expect processors to accept liability, while ignoring the quality (or existence) of processors’ underlying insurance coverage. Processors, on the other hand, often buy insurance products that provide minimal or no protection to meet those controller expectations. This…
Read More
The recent edition of Recycling Today features an article by Bob Johnson titled, “A More Secure Future,” (pg. 46) explaining how emerging breach notification requirements will change the way organizations manage IT asset disposition.
Read More
KEY TAKEAWAYS: Information custody transfers are far more ubiquitous and riskier than most organizations appreciate. From a legal and regulatory perspective, “access to” equals “custody of.” There are specific elements and contractual assurances upon which all organizations should insist when transferring personal or proprietary information. Failure to obtain the appropriate assurances from any vendor accessing…
Read More
Yesterday’s SEC release alleging that software developer SolarWinds Corp. and its Chief Information Security Officer (CISO) T. Brown misled investors about known cybersecurity risks and vulnerabilities is yet another in a series of Commission actions regarding cybersecurity that should be setting off alarms for CISOs, CIOs, and the boards at all publicly traded companies and…
Read More
In an article published today by the International Association of Privacy Professionals (IAPP), Privata Vox® founder and Principal Advocate Robert Johnson, CSDS, CIPP/US, describes the trends and forces that will soon alter the prevailing enterprise IT asset disposal (ITAD) model. Access the full article here: The flawed IT asset management paradigm: Key considerations for privacy professionals
Read More
This is the second blog in an ongoing series examining the often-overlooked nuances of data controller/data processor contracts. Regulatory alignment is one of the primary reasons regulations require contracts between data controllers and data processors. And, yet, despite its primacy, many contracts make the mistake of establishing this linkage with an overly simplistic clause stating…
Read More
This blog explains why and when organizations should require contracts with service providers that have access to customer or employee personal information. One of the most underappreciated aspects of data controller/data processors contracts is when they are needed. This results from either 1) a lack of awareness of their necessity, or 2) the failure to…
Read More
Veteran-owned Shred America, LLC, one of the largest and fastest growing isecure data destruction service providers in the US, has selected Privata Vox, LLC to fulfill its Data Protection Officer (DPO) obligation. According to Ryan Richard, Shred America’s founder and CEO, retaining Privata Vox® exemplifies the company’s ongoing commitment to aggressive regulatory compliance and to superior…
Read More- « Previous
- 1
- 2
- 3
- 4
- Next »