Stealthbits

INSIDER THREAT SECURITY BLOG

And other things that keep you up at night

Browsed By
Category: Compliance

3 Strategies to Ensure Readiness for DSARs

A data subject access request (DSAR) is a common requirement in privacy regulations today. It grants individuals the right to request all the personally identifiable information (PII) an organization has gathered about them, along with how the organization is using that data and who they’ve shared it with. Responding to DSARs can be a daunting task for any organization. In fact, Gartner reports that manually processing a single request costs organizations more than $1,400 and takes most o…

Global Compliance Demands: The Singaporean Personal Data Protection Act (PDPA) Reviewed

Adam Rosen
The push for data privacy regulation has exploded in recent years, with the EU’s General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA) taking center stage. Gartner predicts “By 2023, 65% of the world’s population will have its personal information covered under modern privacy regulations, up from 10% today.” For much of the world, this regulatory shift will have a substantial impact on the way businesses collect and process information. However, organiz…

South Africa’s Protection of Personal Information Act (POPIA) Compliance

Dan Piazza
Following in the footsteps of GDPR, CCPA, and LGPD, South Africa’s data privacy law, Protection of Personal Information Act (POPIA), took effect on July 1st, 2020, with an effective date for enforcement of July 1st, 2021. What this means is that affected organizations have a year to prepare and should take advantage of the grace period to stay ahead of requirements. POPIA is modeled after the EU’s GDPR, as many recent data privacy laws and frameworks have been. By doing so POPIA grants use…

Lei Geral de Proteção de Dados Pessoais (LGPD Compliance) – What You Need to Know About Brazil’s National Data Privacy Regulation

Dan Piazza
It can be difficult to keep up with all the data privacy regulations across the globe, and failure to comply can result in heavy fines and other punishments. This growth of global data privacy laws represents major progress for consumer rights and gives organizations who comply a chance to earn trust from their customers. This brings us to the most recent major data privacy law to go into effect – Brazil’s Lei Geral de Proteção de Dados Pessoais (LGPD). Originally the regulation was set to…

What is the California Privacy Rights Act?

Just days before the enforcement of the California Consumer Privacy Act (CCPA) began on July 1st, 2020, the California Privacy Rights Act (CPRA) received enough signatures to qualify to be on the November ballot. This ballot initiative, also referred to as Prop 24, was drafted by the non-profit organization Californians for Consumer Privacy, and looks to extend and clarify several of the provisions in existing California privacy law. If this measure is approved, it w…

What is a Data Protection Impact Assessment (DPIA)?

Farrah Gamboa
Article 35 of the EU General Data Protection Regulation (GDPR) describes the requirement for organizations to “carry out an assessment of the impact of the envisaged processing operations on the protection of personal data”. This process, referred to as a Data Protection Impact Assessment (DPIA), is an integral component of the GDPR and, if not carried out when required, can leave an organization open to enforcement action such as potentially steep fines. In this blog…

The Growth of Global Data Privacy Laws – Beyond GDPR & CCPA

Dan Piazza
The push for data privacy has exploded in recent years, with regulations such as the EU’s General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA) leading the charge. This means consumers around the globe are gaining rights regarding how their data is collected, stored, and sold, as well as more ways to hold companies accountable when poor data security practices lead to data breaches involving their personally identifiable information (PII)…

Data Subject Access Requests (DSAR) – How to Prepare & Respond

Dan Piazza
A term popularized by the EU’s General Data Protection Regulation (GDPR), a Data Subject Access Request, also known as a DSAR, is an individual’s right to request information on personally identifiable information (PII) an organization has gathered about them, how that organization is using that data, and who that data has been shared with. PII includes names, social security numbers, phone numbers, behavioral data, and more; pretty much anything that can be used to identify a specific indivi…

NIST Password Guidelines in 2020

Dan Piazza
What are NIST Password Guidelines? Since 2014, the National Institute of Standards and Technology (NIST, a U.S. federal agency) has issued requirements and controls for digital identities, including authentication, passwords (known as “memorized secrets”), and more via Special Publication 800-63B. The latest revision (rev. 3) was released in 2017, with updates as recent as 2019. Revision 4 is currently open for comment and review; however, revision 3 is still the standard as of the time of…

EU-US Privacy Shield Revoked: What This Means for EU-US Commercial Data Transfers

Europe’s top court, the Court of Justice of the European Union, recently struck down the EU-US data privacy arrangement known as Privacy Shield, which many organizations rely on when transferring data from the EU to the United States. Privacy Shield was enacted in 2016 to replace the Safe Harbor Privacy Principles, which was declared invalid by the same court in 2015. In addition to replacing Safe Harbor, it aimed to protect the fundamental rights of anyone in the EU whose personal da…

© 2021 Stealthbits Technologies, Inc.
