Blog / Privacy & Compliance
Privacy & Compliance
Is Microsoft Office 365 HIPAA Compliant?
Apr 30, 2020
Microsoft Office 365 is growing in popularity, but it can present some challenges to HIPAA compliance. Read on to learn more about Office 365 HIPAA compliance
How Varonis Helps With ITAR Compliance
Mar 29, 2020
International Traffic in Arms Regulations (ITAR) mandates that access to physical materials or technical data related to defense and military technologies is restricted to US citizens only. According to the US...
What is FISMA Compliance? Regulations and Requirements
Mar 29, 2020
FISMA is the federal government’s security requirements. If you work for on with a federal agency read on to learn how to get (and stay) compliant.
We Need to Talk About Gramm-Leach-Bliley (GLB): The Safeguards Rule Will Be Changing!
Mar 29, 2020
As a blogger following data security laws and regulations, I’m occasionally rewarded with an “I told you this law would be important” moment. Earlier this month with the news that...
NYS SHIELD Act: Updates to PII, Data Security, and Breach Notification
Mar 29, 2020
After the devastating Equifax incident, the New York State legislature introduced the Stop Hacks and Improve Electronic Data Security or SHIELD Act in order to update the existing breach rules....
Beyond Privacy and DSARs: Public Data Requests (FOI) Are the Law in 50 States
Mar 29, 2020
Happy 2020! The New Year brings Californians under the California Consumer Privacy Act (CCPA). CA consumers can ask state-based companies for all relevant data, and to request that companies delete...
What the H**L Does Reasonable Data Security Really Mean?
Mar 29, 2020
For anyone who’s spent time looking at data security laws and regulations, you can’t help but come across the words “reasonable security”, or its close cousin “appropriate security”. You can...
Post-Davos Thoughts on the EU NIS Directive
Mar 29, 2020
I’ve been meaning to read the 80-page report published by the World Economic Forum (WEF) on the global risks humankind now faces. They’re the same folks who bring you the once...
GDPR: The Right to Be Forgotten and AI
Mar 29, 2020
One (of the many) confusing aspects of the EU General Data Protection Regulation (GDPR) is its “right to be forgotten”. It’s related to the right to erasure but takes in far...
NYDFS Cybersecurity Regulation in Plain English
Mar 29, 2020
Learn about the new NYDFS cybersecurity regulation and the rules for basic principles of data security, documentation of security policies, and much more.
New SEC Guidance on Reporting Data Security Risk
Mar 29, 2020
In our recent post on a 2011 SEC cybersecurity guidance, we briefly sketched out what public companies are supposed to be doing in terms of informing investors about risks related...
How Privacy Policies Have Changed Since GDPR
Jun 25, 2018
In March the EU's General Data Protection Regulation went into effect. The data privacy law aims to create greater transparency around how personal data is handled. As a result of GDPR, privacy policies across the web were changed. We look at how GDPR changed the policies of some of tech's biggest names.
No overhead. Just outcomes.