Privacy & Compliance

A Year in the Life of the GDPR: Must-Know Stats and Takeaways

Rob Sobers

Jun 17, 2020

This review of the GDPR covers how it's changed the way industries and individuals function online through GDPR stats, fines and policies of this past year

Wyden's Consumer Data Protection Act: How to Be Compliant

Michael Buckbee

Jun 17, 2020

Will 2019 be the year the US gets its own GDPR-like privacy law? Since my last post in this series, privacy legislation is becoming more certain to pass. Leaders from...

Cybersecurity Maturity Model Certification (CMMC) Guide

Michael Buckbee

May 29, 2020

Cybersecurity Maturity Model Certification (CMMC) is a standard for DoD contractors’ cybersecurity — we’ll cover what it is and how to achieve compliance

Is Microsoft Office 365 HIPAA Compliant?

Michael Buckbee

Apr 30, 2020

Microsoft Office 365 is growing in popularity, but it can present some challenges to HIPAA compliance. Read on to learn more about Office 365 HIPAA compliance

How Varonis Helps With ITAR Compliance

Jesse Rosenbaum

Mar 29, 2020

International Traffic in Arms Regulations (ITAR) mandates that access to physical materials or technical data related to defense and military technologies is restricted to US citizens only. According to the US...

What is FISMA Compliance? Regulations and Requirements

Michael Buckbee

Mar 29, 2020

FISMA is the federal government’s security requirements. If you work for on with a federal agency read on to learn how to get (and stay) compliant.

We Need to Talk About Gramm-Leach-Bliley (GLB): The Safeguards Rule Will Be Changing!

Michael Buckbee

Mar 29, 2020

As a blogger following data security laws and regulations, I’m occasionally rewarded with an “I told you this law would be important” moment.  Earlier this month with the news that...

NYS SHIELD Act: Updates to PII, Data Security, and Breach Notification  

Michael Buckbee

Mar 29, 2020

After the devastating Equifax incident, the New York State legislature introduced the Stop Hacks and Improve Electronic Data Security or SHIELD Act in order to update the  existing  breach rules....

Beyond Privacy and DSARs: Public Data Requests (FOI) Are the Law in 50 States

Michael Buckbee

Mar 29, 2020

Happy 2020!  The New Year brings Californians under the California Consumer Privacy Act (CCPA). CA consumers can ask state-based companies for all relevant data, and to request that companies delete...

What the H**L Does Reasonable Data Security Really Mean?

Michael Buckbee

Mar 29, 2020

For anyone who’s spent time looking at data security laws and regulations, you can’t help but come across the words “reasonable security”, or its close cousin “appropriate security”.  You can...

Post-Davos Thoughts on the EU NIS Directive

Michael Buckbee

Mar 29, 2020

I’ve been meaning to read the 80-page report published by the World Economic Forum (WEF) on the global risks humankind now faces. They’re the same folks who bring you the once...

GDPR: The Right to Be Forgotten and AI

Michael Buckbee

Mar 29, 2020

One (of the many) confusing aspects of the EU General Data Protection Regulation (GDPR) is its “right to be forgotten”. It’s related to the right to erasure but takes in far...