General

An illustration of a person in a dark suit placing an oversized puzzle piece into a large-scale world map puzzle

Why Large Corporations are Taking a Globally Compliant Approach to Data Privacy

September 11, 2024

The number of high-profile corporations committing to a global approach to data protection and privacy compliance is staggering. It might be easier to find one that isn’t. A partial list includes Airbnb, Adobe, Amazon, American Express, Apple, AT&T, Boeing, Chevron, Citibank, Cisco, Coca-Cola, Dell Technologies, Dropbox, eBay, ExxonMobil, Ford, General Motors, Goldman Sachs, Alphabet, HP…

The words NON-COMPETE appear on an illustrated circular sign with a red prohibited symbol.

Ensuring Security with NDAs in a Post Non-Compete World

May 29, 2024

This entry explains how combining a non-disclosure agreement (NDA) with a strong information protection policy is now the best way to prevent former employees from sharing competition-sensitive information. And, while others have pointed to NDAs as an alternative, they fail to identify the critical role information protection policies play in this strategy. Most current employees…

The word VENDOR is shown in red letters through a magnifying glass.

What Business Services are Data Processors, and Why Does It Matter?

April 15, 2024

This entry is intended to help both novice and veteran data protection professionals appreciate the number and types of service providers subject to the compliance requirements of privacy regulations. As far back as the mid-1990s, regulations have reflected the fact that data-related vendors, a.k.a. data processors, are critical to data controllers’ ability to protect…

White legal icons on a colored background

Why “Segregation of Duties” Should be Applied to ITAM-ITAD

June 16, 2023

Segregation of Duties (SODs), a.k.a. Separation of Duties, is the basic fiduciary mechanism that prevents an individual or department from having full custody of process integrity where there is an inherent conflict of interest or an opportunity for fraud. As the name denotes, to mitigate these potential problems, the duties related to those processes are…

A graphic image displaying a grey icon of the head and chest area of a human that also includes a lock icon in the head area, along with many blue nodes surrounding the icon.

What Does a DPO Do?

May 15, 2023

Faced with the requirement of retaining a Data Protection Officer (DPO), it is important to understand their role. Regulatory language describing the duties of a DPO lists the following: Monitor compliance with relevant regulations and with the company’s own policies in relation to the protection of personal data, including the assignment of responsibilities, awareness-raising and…

Closeup photo of a stack of papers, some with pink or yellow sticky notes

The Dangers of Uncontrolled Records & Old Electronics

April 21, 2023

This blog describes how squirreled-away or forgotten documents and electronic equipment 1) undermine an organization’s records retention policy, 2) constitute a security risk, 3) complicate legal discovery compliance, and 4) violate new privacy regulations. __________ What are Uncontrolled Records and Old Electronics? The legal definition of a “business record” is any and all information recorded…

U.S. Securities and Exchange Commission Logo with data and legal icons

The SEC’s Proposed New Data Security Rules

April 6, 2023

A March 15 proposal by the Securities and Exchange Commission (SEC) to amend the Gramm-Leach-Bliley Act Safeguards Rule will require financial institutions and their data processors (i.e., secure shredders, ITADs, managed service providers, etc.) to seriously rethink and retool their data protection contracts, recordkeeping, and policies and procedures. Here’s What it Looks Like The proposal…

Keyboard Privacy Icons

Yes! ITAD Falls Under Cybersecurity; Get Ready for What Comes Next!

February 3, 2023

The Oxford dictionary defines Cybersecurity as “the state of being protected against the criminal or unauthorized use of electronic data, or the measures taken to achieve this.” Hard to argue with that; it’s succinct, clear, and broad. So, with that definition in mind, it would be hard to argue that restricting access to the hardware…

Privata Vox Icon

What is Privata Vox®?

January 6, 2023

As some readers know, I recently stepped down from my position as CEO of i-SIGMA. There was no intrigue or surprise behind my decision. The fact was simply that, after 27 years at the helm of NAID/i-SIGMA, recognition of the need for data destruction and for service provider qualifications had been largely achieved. i-SIGMA’s mission…
