Compliance & Regulation

The world has never been more interconnected, with cloud and digital technology allowing companies to flourish and succeed globally. However, this interconnectedness comes with elevated risk  — partners, vendors, and...

That is the total amount in fines imposed by the European Union on businesses for non-compliance to GDPR, data infringement, and breaches on data protection since the launch of the...

The Health Insurance Portability and Accountability Act (HIPAA) is as important to the healthcare industry now more than ever — if not more. Hospitals, insurance companies and healthcare providers all...

“Take the CISO job,” they said. “It’ll be great,” they said. The role of the Chief Information Security Officer has always been a dynamic one. From securing endpoints and networks...

Technology and social media giants like Facebook and Google are about to get a huge reality check in how they handle customer data. The California Privacy Rights Act (CPRA) is...

The Risk Management Framework (RMF) is a set of criteria that dictate how the United States government IT systems must be architected, secured, and monitored. Originally developed by the Department...

The United States Department of Defense is implementing the Cybersecurity Maturity Model Certification (CMMC) to normalize and standardize cybersecurity preparedness across the federal government’s defense industrial base (DIB). This piece...

No. That’s the answer in their FAQ. Out-of-the-box Office 365 is not HIPAA compliant, and you need to take the appropriate steps to ensure your organization stays compliant. As the...

It’s 2020, do you know where your data is?  If you answered yes to that rhetorical question, you have a decent grasp of data governance. If not, it’s time to...

Happy 2020!  The New Year brings Californians under the California Consumer Privacy Act (CCPA). CA consumers can ask state-based companies for all relevant data, and to request that companies delete...