Archive for the ‘Compliance’ Category

Due to the incoming GDPR, many people from all departments are finding the need to familiarize themselves with new or updated concepts of how they are going to have to handle and store sensitive data. In many ways this is a great thing, ensuring that even those without any specialism in data protection within the organization have at least a rudimentary understanding of the importance of giving users more control … Read more

We talk to hundreds of enterprises in the finance and banking sector, and we’ve seen compliance putting more strain on IT and information security teams than ever before. If you’re in IT, you will know GDPR is imminently due and is the most talked-about event in the IT world at the moment. It’s likely you’re already sick of hearing about it, and it’s not even enforceable yet. Your … Read more

Irrespective of the country, size or sector your organization operates in, it’s more than likely that you’re bound by one or more compliance mandates, such as PCI DSS, HIPAA, SOX, FISMA and others. If you handle or process the personal data of individuals in the EU (whatever their citizenship), very soon you’re going to be bound by one of the most talked-about compliance mandates of recent years: GDPR. These compliance mandates tend to have one thing … Read more

In preparation for the upcoming GDPR regulation, the ICO has commissioned a media campaign to provide valuable information to consumers on what it means for them. Although the details of the campaign are still being ironed out, we know that it will run in April under the banner “Your Data Matters,” will have a logo and strapline, and will aim to visually tell a story of data protection. The aim of … Read more

The position of compliance manager is more important in today’s business landscape than at any other point in time. What, exactly, is their function? Borrowing a reference from the smash-hit Star Wars movie franchise, compliance managers function as the mindful C-3PO droids that oversee the ethical and legal standing of a company. Not only do they implement the necessary standards as derived from industry policies, they also have the … Read more

With eCommerce ruling the market, the frequency of data breaches has soared. Vulnerabilities in the card-processing ecosystem have led to compromised point-of-sale devices, e-commerce applications, personal computers, wireless hotspots and beyond. To combat this trend, the PCI Data Security Standard (PCI DSS) was created by the PCI Security Standards Council, whose founding members are American Express, Discover Financial Services, JCB International, MasterCard Worldwide and Visa Inc. We have collated here all the requirements … Read more

The Health Insurance Portability and Accountability Act (HIPAA) was passed in 1996 and has since given rise to regulations protecting the privacy and security of protected health information, including electronic protected health information, commonly known as ePHI. The two parts most relevant to information security are the HIPAA Privacy Rule and the HIPAA Security Rule. The Privacy Rule establishes national standards for the protection of certain health information in any form, whereas the Security Rule enforces … Read more

Many organizations that claim to be able to prepare you for GDPR have been loudly warning of the risks of non-compliance. Up until recently, we believed this was more of a scaremongering tactic than anything that held any real weight. We’ve all heard the lofty figures that organizations could be fined (up to €20 million or up to 4% of global annual turnover, whichever is higher), but many of … Read more

With all the talk this year being about the introduction of the GDPR, it’s understandable that other compliance mandates take a back seat. One such casualty of this focus is SOX compliance. SOX (the Sarbanes-Oxley Act) has been around since 2002 and was put in place to protect shareholders and the general public from accounting errors and fraud, as well as to improve the accuracy and reliability of corporate disclosures. Also … Read more

In a word, yes! As the deadline for GDPR creeps ever closer, companies are becoming increasingly anxious about the potential consequences of non-compliance. Their main concerns include fines, reputational damage, job losses and, in some cases, going out of business altogether. These concerns are not unfounded. After all, the GDPR is unquestionably the most stringent data privacy regulation the world has seen to … Read more