INSIDER THREAT SECURITY BLOG

Automate the Process of Disposing of Data With GDPR now in effect, organizations are legally required to remove personal data once its purpose for processing has been met. In March of 2019 a Danish Taxi company, Taxa 4×35, was fined $180,000 for failing to properly dispose of its customer’s personally identifiable data (PII). An audit found that the company was only removing the customer’s name from the documents, however other personally identifiable information such as telephone numbers …

The penalty for failure to comply with the General Data Protection Regulation (GDPR) is up to $22 million or 4% of annual global turnover (whichever is greater). By now most organizations around the globe know that regardless of where they are based, this regulation affects them if they are doing business with EU citizens. Aside from having a responsibility to properly handling personal data, that amount of money can really hurt your business. For example, under the Data Protection Act o…

The Right to be Forgotten is defined as “the right to silence on past events in life that are no longer occurring.” The right to be forgotten leads to allowing individuals to have information, videos, or photographs about themselves deleted from certain internet records so that they cannot be found by search engines. As so many different compliance regulations roll out across the world, it’s important to understand the requirements from an organizational perspective as well as differences …

Well Ladies and Gentlemen, GDPR is finally upon us. I say finally because we have collectively been studying, reviewing, preparing and planning for this day for quite some time now. I know that not everyone is ready. And the European Commission equally knows that not everyone is ready. That is not an invitation to flaunt the rules however. In fact, I have pointed out before that there are indications that the European Commission will be keen on ensuring the regulation is taken seriously out o…