Beating the High Cost of Inefficient and Inconsistent Processes with Privacy Automation

As privacy grows in importance, so does the need for effective incident response management. Ideally, this includes consistent processes, well-established policies and procedures, collaboration across departments, and proof of compliance. The reality is often a lot different—and a lot more chaotic.

Read more

Anatomy of a Privacy Incident: Webinar Q&A

The recent webinar Anatomy of A Privacy Incident: Data Breach Response and Investigation Best Practices dove into the best practices for designing an incident response program that encourages an organization-wide culture of compliance. Panelists Andrew Reeder from Rush University Medical Center and Asra Ali from Healthscape Advisors lead a lively discussion into the ins and outs of compliance programs, covering topics ranging from common presumptions and best practices for managing the phases of incident response within an organization. 

Anatomy of a Privacy Incident:  Data Breach Response and Investigation Best Practices  Request the webinar recording > Read more

How often do notification exceptions apply? We look to the data

This article is part of an ongoing series on privacy program metrics and benchmarking for incident response management brought to you by RADAR. Find earlier installments of this series here.

Read more

The One Challenge We’re all Too Familiar With: Lack of Budget For Incident Response

“There is only one amount of money—just not enough,” author Andrew Kaufman once wrote. Many departments in an organization feel the financial pinch, especially privacy teams, who face the challenge of completing herculean tasks on a small budget. Privacy budgets tend to be microscopic compared to those of security or IT/infosec teams. Thus, critical privacy activities such as incident response often get lower budgetary priority than new cybersecurity initiatives—and when that happens, the entire organization is at risk.

Read more

The Sooner the Better: Increasing Specificity in Notification Timelines

Today’s world is built for speed. Want a ride? Get an Uber or Lyft at your door in 10 minutes. Want your food faster? Use Grubhub and order ahead. Have a data breach requiring notification? Work quickly, because you may only have 72 hours to provide notification to individuals and regulatory authorities, depending on the jurisdiction.

Read more

A Regulatory Trend to Watch: The Expanding Scope of Personal Information

In 2018, less than 10 percent of data privacy or security incidents were breaches requiring notification. Yet it wouldn’t be surprising if that percentage starts to increase. One of the key factors in breach determination is the nature of the personal information exposed. Last year, we saw a significant expansion in the definition of personal information across multiple laws.

Read more

Are organizations meeting their notification obligations when timelines are specified?

This article is part of an ongoing series on privacy program metrics and benchmarking for incident response management, brought to you by RADAR, a provider of purpose-built decision-support software designed to guide users through a consistent, defensible process for incident management and risk assessment. Find earlier installments of this series here. 

Once an incident has been discovered, the clock starts ticking. Privacy officers and their teams must immediately investigate the incident, perform a multi-factor risk assessment according to all applicable jurisdictions to determine if the incident rises to the level of a data breach, and notify affected individuals, regulators, and authorities — often within a very short time frame. It can be a daunting task, compounded by the need to keep up with an ever-changing patchwork of data breach regulations, both enacted and proposed, each with their own unique requirements. 

Read more

Hitting a Moving Target: The Challenge of Ever-Changing Breach Notification Laws

The only constant in life is change, and few things in the world of privacy and data protection are evolving as much as breach notification laws. These regulations are more stringent, specific, and numerous than ever before. The constant shifting of breach notification laws makes compliance not a one-and-done activity, but requires constant vigilance to keep abreast of changes.

Read more

Finding the "Hidden Picture": The Challenge of Incident Detection and Escalation

Constant threats to sensitive data lurk in every corner of your organization, from hard-to-detect malware to busy employees. Thus, you can bet with 100% certainty that your organization has had, is having, or will have a data privacy incident—numerous incidents in fact. Each incident must be risk assessed against the latest breach notification laws to determine if you have a notifiable breach on your hands.

Read more

Breach Notification Regulatory Trends from 2018

2018 was all about change, especially in the breach notification realm. The tightening of existing regulations and the addition of new ones have created a seismic shift toward greater complexity and stringency. Compliance has never been more critical—and never more difficult.

Read more

Tackling the Top 4 Challenges of Managing Incident Response

Wherever data goes, risk follows close behind, particularly the risk of unauthorized access and disclosure—in other words, a data privacy or security incident. Whether they realize it or not, every organization regardless of size or industry has experienced and will experience their share of privacy incidents.

Read more

Protenus and RADAR Partner to Mitigate Security and Privacy Risks for Healthcare Organizations

Leading healthcare compliance analytics company and top incident response management company partner to provide technology for security and privacy incident detection and risk assessment, ensuring compliance with HIPAA and U.S. state breach notification requirements.

BALTIMORE, MD — January 7, 2019 — Protenus, a healthcare compliance analytics platform that protects patient privacy for the nation's leading health systems announces a strategic partnership with RADAR,the award-winning provider of incident response management software, to help healthcare organizations reduce the risks associated with unauthorized disclosures of protected health information.

Read more

Busting 3 Dangerous Myths about SaaS Solutions

When evaluating different solutions for incident response management, many factors come into play. Understandably, budget tops the list, closely followed by security, functionality, ease of use, and more. Underlying many of these concerns is the delivery method—should you choose software-as-a-service (SaaS) or an on-premise solution?

Read more

The Why, What, and How of Benchmarking Your Privacy Program

We live in a world of measurements, from batting averages to number of steps walked to miles per gallon. Measuring our performance against certain standards or that of others—in other words, benchmarking—gives us a line in the sand from which we determine how and where to improve. This is especially important in the world of privacy, where it can be hard to gauge the effectiveness of programs and initiatives. And without the numbers to back you up, getting sufficient organizational priority and budget for your privacy program is difficult.  

Read more

Dentons Announces Strategic Alliance with RADAR to Provide Innovation in Incident Response

WASHINGTON, DC and PORTLAND, OR. — December 6, 2018 — Dentons, the world's largest law firm, and RADAR,a leading provider of incident response management software, announce a strategic alliance to help clients reduce the risks and costs of compliance with data breach laws.

Read more