RADAR Blog

This article is part of an ongoing series on privacy program metrics and benchmarking for incident response management, brought to you by Radar Inc., a provider of purpose-built decision-support software designed to guide users through a consistent, defensible process for incident management and risk assessment. Find earlier installments of this series here.

This article by RADAR CEO Mahmood Sher-Jan originally appeared on the Compliance and Ethics blog. Click here to view it in its original format.

In July Gartner published its new Hype Cycle for Privacy, which provides a snapshot of various technology capabilities and categories, their relative market trajectory over time, and forecasts for future adoption. A new category that emerged in the 2018 report is Data Breach Response, whose debut underscores the emergence of a broader awareness of this critical capability for enterprises that collect and process personal data.

RADAR is the trusted incident response solution used by Fortune 500 and multinational enterprises subject to data privacy regulations to simplify compliance with U.S. and international data breach laws, including the EU GDPR.

Unless you’re storing grain on a farm, I think we can all agree that silos are bad, and that collaborative efforts are good. So why do silos continue to plague the business world?

This article is part of an ongoing IAPP Privacy Advisor series on privacy program metrics and benchmarking for incident response management. Find earlier installments of this series here. 

On May 25, the EU GDPR went into effect. Prior to this day, there was much speculation as companies prepared for the rigors of this new privacy regulation - would companies be prepared? Would regulators? How would the public react? 

A number of state data breach bills have recently gone into effect, or are poised to go into effect in the next two months. Continuing our series of articles around trends in state data breach notification laws, let’s take a look at this legislation and see what trends we can identify.

This abridged news article was originally published by the IAPP in their Privacy Tech publication. Click here to read the full story by Ryan Chiavetta, CIPP/US.

Partnership provides businesses with access to innovative privacy tech solutions to operationalize compliance with data privacy and breach notification regulations, including the EU General Data Protection Regulation (GDPR)

This article is part of an ongoing IAPP Privacy Advisor series on privacy program metrics and benchmarking for incident response management. Find earlier installments of this series here. 

Last week saw a great migration of healthcare compliance, privacy, and risk officers to sunny Las Vegas for the annual HCCA Compliance Institute. Wandering the halls of the event, you were likely to overhear people on their phones between sessions, urgently relaying what they’d just learned to their teams back home. This need to quickly disseminate information learned at the conference speaks to the quality of the conference content and the value of the speakers at the event.

In recent years, we have seen growing influence of state attorneys general in the realm of consumer data protections. State laws are increasingly requiring AGs be notified in the event of a breach, and state AGs are taking action for noncompliance, filing lawsuits for failure to notify within the required timeframe and reaching hefty monetary settlements for paper based data breaches.  

Privacy or security incidents involving protected health information (PHI) and personally identifiable information (PII) are more than just probable in healthcare settings–they are inevitabile. And this makes sense, as heavily regulated industries like healthcare rely on highly personal and sensitive data to provide care, and the abundance of such data presents higher risk of unauthorized disclosures – unintentional or malicious. The frequency and types of risks to an organization’s data are growing wider, as well, from a ransomware attack or a breach in your Electronic Health Record (EHR), to a simple misdirected mailing or improper disposal of paper records.

For those tasked with the daily, detailed work of ensuring their organizations’ compliance with data breach notification regulations–particularly in light of the complexity of preparing for new regulations to go into effect, namely GDPR–it could be easy to forget the person in personal data. Speakers from this year’s IAPP Global Privacy Summit reminded us of just how reductive that vantage point can be, touching on the very human element that lies behind every privacy incident.