RADAR Blog

Last month during the annual Privacy.Security.Risk. event, the IAPP released the results of the 2017 IAPP-EY Annual Governance Report. We always look forward to this report, now in its third year, having now compiled survey responses provided by nearly 600 privacy professionals across the globe. The findings have been consistent with what we’re hearing from customers and industry partners, who are making frantic efforts to prepare to comply with the rigors of GDPR and its risk based framework.

This article is part of an ongoing IAPP Privacy Advisor series on privacy program metrics and benchmarking for incident-response management. Find earlier installments of this series here. 

Building on its leadership team, the CFO role will accelerate financial strategy

This abridged news article was originally published by the Portland Business Journal. Click here to read the full story from Malia Spencer.

The Oregon Entrepreneurs Network (OEN) recognizes RADAR, Inc. in celebration of Oregon-based companies and their impact on the regional economy.

This news article was originally published by the IAPP.

The International Association of Privacy Professionals (IAPP) recognizes RADAR, Inc. for its innovative platform for simplifying compliance with data breach laws.

At RADAR, we understand how critical it is to keep sensitive information secure. Our clients use RADAR to manage privacy incidents involving Personally Identifiable Information (PII) and Protected Health Information (PHI), and we support this work by following best practices and industry standards for application, network, and infrastructure security.

RADAR’s unique technology platform provides a single platform to efficiently manage regulatory and contractual incident response obligations.

The Portland Business Journal award recognizes RADAR, Inc. for innovation, design, industry impact, and revenue growth.

PORTLAND, Ore., — October 12, 2017 – RADAR, Inc., a SaaS solution provider of privacy and security incident response management, announced today that it has been selected as one of the recipients of the Portland Business Journal's 2017 Small Business Innovation Awards. This award is intended to recognize companies with fewer than 100 employees that are providing cutting-edge products or services with the potential to be a market changer, having a compelling product or service offering and demonstrated excellence in:

In my career, I’ve led development teams creating both software as a service (SaaS) and installable on-premise solutions, so I am familiar with debates about the realities and myths of SaaS vs. on-premise. Whenever this debate resurfaces, I address the concerns raised as I would any operational initiative: by asking questions and challenging assumptions.

Measuring the efficacy of your privacy program is one way to ensure you have a baseline for improvement, as well as a means to test and prove that your continuous efforts to improve security and privacy at your organization are having their intended impacts. Establishing benchmarking metrics is also important to lend continuity to a process that can sometimes resemble a fire drill. In the midst of an unauthorized disclosure of protected, private data, your team will be moving fast and engaged in a flurry of activity in order to properly document and risk assess an incident to determine regulatory and contractual notification obligations, if any, in order to meet notification deadlines and prove compliance.

Privacy and security teams are often painted as adversaries in compliance. While it's true that privacy, security, and risk professionals often come from different backgrounds and interests, they are united in their shared pursuit of compliance and events like the IAPP Privacy. Security. Risk. 2017 illustrate the way these fields are converging. 

Privacy professionals across the globe all have the same date circled in their day planners in May of 2018. The EU General Data Protection Regulation (GDPR) enforcement deadline is fast approaching, and the risk of noncompliance are very real: failure to meet the 72 hour notification timeline could result in fines up to €20M or up to 4% of the total worldwide annual turnover of the preceding financial year, whichever is higher. Many questions about complying with the GDPR yet remain, including how to best approach the regulation, interpret the law, then plan, implement and manage a strong compliance program.

If anyone ever doubted the importance of data security incident response, the Equifax breach should put those doubts to rest. On top of the widespread concern about a breach affecting 143 million consumer records, there are all the hard questions about why it took Equifax more than six weeks to make the breach public. Since the announcement, the Senate Finance Committee, the Justice Department, the Federal Trade Commission, the Securities and Exchange Commission, and multiple state attorneys general have launched investigations into the breach; over 50 class action suits have been filed; three executives, including CEO Richard Smith, have been retired; the stock value has dropped over 30%; and many experts predict the breach will result in new regulatory reporting standards for the financial industry.