Compliance

A person who appears to be contemplating has a small angel on one shoulder and a small devil on the other.

The 4 Compliance Strategies of Data Processors

August 19, 2024
Posted in

Organizations rely on a number of different Data Processors for things like record storage, secure shredding, computer recycling, and a long list of other services that require sharing access to regulated personal information. And, though it doesn’t replace the requisite vendor selection due diligence evaluation, assessing their compliance acumen can help determine the service provider’s…

Read More
Businessman hands typing on laptop with triangular malware caution warning sign.

Flawed ITAM: Known Cyber Security Risks Spell Trouble for CISOs and Boards

October 31, 2023
Posted in

Yesterday’s SEC release alleging that software developer SolarWinds Corp. and its Chief Information Security Officer (CISO) T. Brown misled investors about known cybersecurity risks and vulnerabilities is yet another in a series of Commission actions regarding cybersecurity that should be setting off alarms for CISOs, CIOs, and the boards at all publicly traded companies and…

Read More
A graphic image displaying a grey icon of the head and chest area of a human that also includes a lock icon in the head area, along with many blue nodes surrounding the icon.

What Does a DPO Do?

May 15, 2023
Posted in

Faced with the requirement of retaining a Data Protection Officer (DPO), it is important to understand their role. Regulatory language describing the duties of a DPO list the following: Monitor compliance with relevant regulations and with the company’s own policies in relation to the protection of personal data, including the assignment of responsibilities, awareness-raising and…

Read More
Shield Icon in Computer Data

How Service Providers Win When Customers’ P&Ps Are Documented

February 17, 2023
Posted in

Author’s note: The following describes the benefits of client P&Ps to data disposition (shredding and ITAD) service providers. The principles and benefits listed are equally compelling for all Data Processors, such as billing and AP, medical waste, managed services, data backup, records storage, etc. Let’s start with the basics: Every customer that is covered by…

Read More
Keyboard Privacy Icons

Yes! ITAD Falls Under Cybersecurity; Get Ready for What Comes Next!

February 3, 2023
Posted in

The Oxford dictionary defines Cybersecurity as “the state of being protected against the criminal or unauthorized use of electronic data, or the measures taken to achieve this.” Hard to argue with that; it’s succinct, clear, and broad. So, with that definition in mind, it would be hard to argue that restricting access to the hardware…

Read More
A blue digital illustration of the globe

Why a Global Approach to Data Protection Compliance is a “Best Practice”

January 20, 2023
Posted in

Instead of creating data protection requirements that apply to organizations operating within a specific border, the new generation of data protection regulations sweeping the globe apply to the citizens of that region. And, though this difference is subtle and even a little impractical, it means Data Controllers and Data Processors have to think differently about…

Read More