Understandably, organisations are feeling a growing sense of unease about forthcoming General Data Protection Regulation (GDPR). It introduces a number of important changes to the current Data Protection Directive (DPD), such as increased territorial scope, stricter consent laws, hefty fines, breach notifications, enhanced data subject rights and specific design requirements that focus on data privacy. Additionally, many organisations will be required to appoint a Data Protection Officer (DPO) to oversee … Read more
Privacy by design is a methodology that helps organisations develop projects where privacy and data protection are accounted for from the start. Privacy by design is not a requirement of the Data Protection Act, but has been included in the GDPR specification (Article 23). Instead of incorporating data security measures as an after-thought, privacy and data sharing policies should be developed during the early stages of a project. Doing so … Read more
The Lepide Checklist for GDPR Compliance
03.29.2017, Compliance, General, Security, by Amritesh singh.The GDPR is an EU regulation that will come into effect from 25 May 2018. The new directive aims to ensure that organisations have policies and procedures put in place to protect the data of EU citizens. Below is a checklist that is designed to assist organisations in complying with the GDPR. Awareness All employees, whether they are IT staff, executives, general administrators, consultants, sales and marketing executives, human resource … Read more
Any organisation that accepts and stores credit card details must comply with the PCI-DSS (Payment Card Industry Data Security Standard). The standard was introduced in an attempt to reduce the chances of credit card fraud. While most Active Directory implementations don’t store credit card details, they may still be subject to a PCI audit. Non-Compliance of PCI can lead to lawsuits, fines, insurance claims, and a subsequent loss of sales … Read more
Here’s what you need to know about GDPR – including how it will be affected by Brexit
02.03.2017, Compliance, by Phillip Robinson.For those who don’t know about GDPR, it stands for the General Data Protection Regulation, and is a new set of rules passed by the European Union which aim to reform the out-dated and inconsistent EU Data Protection Directive. The GPDR will come into effect from May 2018 and will be applicable across all 28 EU member states. However, for those of you that believe Brexit means you won’t be … Read more
Organizations are, quite rightly, concerned about the safety of the Electronic Protected Health Information (ePHI) of their clients and employees. Despite best efforts to secure this information, recent surveys have highlighted multiple cases in which organizations have violated HIPAA compliance mandates. In addition to attracting penalties, these violations can be damaging to reputation and expose the potentially sensitive, private information of users. It is therefore important, for a number of … Read more
New Compliance Regulations and their Implications on Your Business
03.24.2015, Compliance, by Amrita.Staying on top of compliance regulations is one of the most important tasks for all the organizations. IT departments of almost all organizations are always under pressure to meet the changing compliance requirements. Some of the common compliance requirements under which most organizations fall are SOX, HIPAA, GLBA, PCI DSS etc. SOX compliance was enacted to protect shareholders and general public from the accounting errors and malpractices which could … Read more
Cyber-criminals are becoming more adept at stealing credit card information all the time. Organizations that handle or process card data in any capacity must take the necessary precautions to protect that data. At the very least, they should ensure they’re in compliance with the Payment Card Industry Data Security Standard (PCI DSS), developed to encourage and enhance cardholder data security across the globe. The PCI DSS defines 12 requirements that … Read more