Lepide Blog

We’ve all heard by now that the GDPR will bring in a revised set of data protection legislation that aims to modernize the way organizations store and process the data of EU citizens. Countless articles will tell you that non-compliance with the GDPR will likely result in crippling fines. However, much of this is fear-mongering, as the vast majority of people (even experts) simply cannot predict what will happen. They … Read more

Even though GDPR is almost upon us, there still seems to be a bit of confusion as to the rules of breach notifications. How long do I have to report a breach? Who do I report a breach to? Do all data breaches need to be reported? It’s natural to have questions, and it’s natural not to want to read that outrageously long book of chapters and articles to find … Read more

I think it’s fair to say that most organizations are still struggling to understand exactly what is required of them when it comes to GDPR preparations. There is a lot of misinformation out there surrounding this topic and it can be easy to just ignore the mandate and keep your fingers crossed that it will all be OK. Obviously, this is not the way to go about it. We’ve had … Read more

So, a bit of housekeeping first. The GDPR is the brand-new regulation that everyone has been talking about, but what actually is it? You’ve probably received numerous emails from organizations asking you for permission to continue storing your personal data, and that’s what’s it’s essentially all about. Companies interacting with people in the European Union will all have to pay attention to what they’re doing with their personal data and … Read more

As a vendor in the IT security and compliance space, we often like to think of compliance regulations as an opportunity for organizations to prove they are taking steps to be responsible with consumer data. However, we are under no illusions that many people responsible for providing compliance reports to meet these mandates view it as a box-ticking exercise. Many IT teams see compliance as a hassle instead of an … Read more

Sears, Delta, Best Buy, Kmart and likely more organizations have been the victims of a breach affecting payment card information that was obtained through online chat provider [24]7.ai. These attacks took place over the course of a few months in the latter part of 2017 but weren’t reported by the chat provider until April of 2018. Thankfully, it seems as though the breach was relatively small in comparison to other … Read more

Due to the incoming GDPR, many people from all departments are finding the need to familiarize themselves with new or updated concepts of how they are going to have to handle and store sensitive data. In many ways this is a great thing, ensuring that even those without any speciality for data protection within the organization have at least a rudimentary understanding of the importance of giving users more control … Read more

We talk to hundreds of enterprises in the finance and banking sector, and we’ve seen compliance putting more strain on IT and information security teams than ever before. If you’re in IT, you will know GDPR is imminently due and is the most talked about event in the IT world at the moment. It’s likely you’re already sick of hearing about it already, and it’s not even enforceable yet. Your … Read more

Irrespective of the country, size or sector your organization operates in, it’s more than likely that you’re bound by one or multiple compliance mandates, such as PCI, HIPAA, SOX, FISMA and others. If you handle or process the data of EU citizens, very soon you’re going to be bound by one of the most talked about compliance mandates of recent years; GDPR. These compliance mandates tend to have one thing … Read more

In preparation for the upcoming GDPR regulation, the ICO have commissioned a media campaign to provide valuable information to consumers on what it means for them. Although the details of the campaign are still being ironed out, we know that it will be run in April under the banner “Your Data Matters,” will have a logo, strapline and aim to visually tell a story of data protection. The aim of … Read more