Privata Vox® Blog

Filter by Topic:

All
  • All
  • Data Controllers
  • Data Processors
  • General
  • Regulatory
  • Risk Mitigation

A New Value-Add for Data Protection Service Providers

There is a new opportunity for data protection service providers to increase their value to current and prospective clients, and it stems from the overwhelming number of corporations now publicly committing to global data protection and privacy compliance. To learn more about who is and why they are, see the related blog titled “Why Large…

Read More about A New Value-Add for Data Protection Service Providers

Why Large Corporations are Taking a Globally Compliant Approach to Data Privacy

The number of high-profile corporations committing to a global approach to data protection and privacy compliance is staggering. It might be easier to find one that isn’t. A partial list includes Airbnb, Adobe, Amazon, American Express, Apple, AT&T, Boeing, Chevron, Citibank, Cisco, Coca-Cola, Dell Technologies, Dropbox, eBay, ExxonMobil, Ford, General Motors, Goldman Sachs, Alphabet, HP…

Read More about Why Large Corporations are Taking a Globally Compliant Approach to Data Privacy

The 4 Compliance Strategies of Data Processors

Organizations rely on a number of different Data Processors for things like record storage, secure shredding, computer recycling, and a long list of other services that require sharing access to regulated personal information. And, though it doesn’t replace the requisite vendor selection due diligence evaluation, assessing their compliance acumen can help determine the service provider’s…

Read More about The 4 Compliance Strategies of Data Processors

Ensuring Security with NDAs in a Post Non-Compete World

This entry explains how combining a non-disclosure agreement (NDA) with a strong information protection policy is now the best way to prevent former employees from sharing competition-sensitive information.  And, while others have pointed to NDAs as an alternative, they fail to identify the critical importance information protection policies play in this strategy. Most current employees…

Read More about Ensuring Security with NDAs in a Post Non-Compete World

Why Data Processors Need Two Information Protection Policies

This entry explains why data processors (in particular) should have two distinct complementary types of information protection policies: one outlining the information security practices related to the services they provide data controllers, and another covering how they protect the vital information used to run their business. All modern data protection regulations require data controllers (clients)…

Read More about Why Data Processors Need Two Information Protection Policies

What Business Services are Data Processors, and Why Does It Matter?

This entry is intended to help both novice and veteran data protection professional appreciate the number and types of service providers subject to the compliance requirements of privacy regulations. As far back as the mid 1990s, regulations have reflected the fact that data-related vendors, a.k.a., data processors, are critical to data controllers’ ability to protect…

Read More about What Business Services are Data Processors, and Why Does It Matter?

How AI Tools Could Compromise Intellectual Property Rights

For close to 70 years, case law and regulatory enforcement have firmly established that in order to defend its intellectual property (IP) rights, an organization must demonstrate that it has appropriately protected the information from unauthorized and unnecessary access. In other words, courts and regulators decided long ago that they were not going to defend…

Read More about How AI Tools Could Compromise Intellectual Property Rights

Data Controller/Data Processor Contracts #3:
Indemnification

There may be no more confusing and misunderstood area of controller-processor contracts than insurance and indemnification. Controllers often expect processors to accept liability, while ignoring the quality (or existence) of processors’ underlying insurance coverage. Processors, on the other hand, often buy insurance products that provide minimal or no protection to meet those controller expectations. This…

Read More about Data Controller/Data Processor Contracts #3:Indemnification

Contractually Defining Information Custody Transfers

KEY TAKEAWAYS: Information custody transfers are far more ubiquitous and riskier than most organizations appreciate. From a legal and regulatory perspective, “access to” equals “custody of.” There are specific elements and contractual assurances upon which all organizations should insist when transferring personal or proprietary information. Failure to obtain the appropriate assurances from any vendor accessing…

Read More about Contractually Defining Information Custody Transfers

Subscribe to stay up to date with new blog posts, speaking appearances, and more.

Subscribe To Updates

Email(Required)