RADAR Blog

Looking good on paper: benchmarking data reveals importance of paper incidents across industries

This article is part of an ongoing IAPP Privacy Advisor series on privacy program metrics and benchmarking for incident response management. Find earlier installments of this series here. 

Read more

RADAR, Inc. Simplifies Compliance with the EU GDPR Breach Notification Requirements

Data controllers and processors benefit from RADAR’s automated risk quantification and notification guidance under the GDPR, the capability to take into account the scope and sensitivity of personal data within each organization, and the ability to ensure and simplify compliance with both regulatory and contractual notification obligations.

Read more

Benchmarking incidents involving regulated data as the GDPR looms

This article is part of an ongoing IAPP Privacy Advisor series on privacy program metrics and benchmarking for incident response management. Find earlier installments of this series here. 

Read more

Regulatory Watch List: Breach Notification Timelines in Proposed State Legislation

Working with privacy and compliance professionals, one of the challenges we often hear about is how difficult it can be to keep up with ever-changing breach notification regulations. Think of it this way: in the US alone there are 48 separate state breach notification laws (along with Washington, D.C. and three territories), each with their own unique definitions, breach notification triggers, and compliance requirements.

Read more

Data Privacy Day: What is the State of Privacy in 2018?

Last weekend on January 28 we observed Data Privacy Day, an internationally recognized day intended to raise awareness and promote privacy and data protection practices. First celebrated in the United States and Canada ten years ago, the day commemorates the Jan. 28, 1981 signing of Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data, the first international treaty dealing with privacy and data protection.

Read more

OCR Enforcement Trends From 2017, and Areas of Concern for HIPAA Compliance

About this time last year, we predicted 2017 would see continued vigilance from the Department of Health and Human Services’ Office for Civil Rights (OCR) in regulating and issuing enforcement actions for HIPAA violations. The results are in, and there was sustained momentum from OCR in the last year, including 196 separate breach cases listed for 2017 on the OCR’s so-called “Wall of Shame” breach portal and notable financial settlements for HIPAA violations – in total, OCR received $19,393,000. A full listing of these enforcement settlements from 2017 can be found here.

OCR Enforcement Trends

Read more

Was 2017 the year of the breach? Lessons from benchmarking stats for a new year.

This article is part of an ongoing series on privacy program metrics and benchmarking for incident response management, brought to you by RADAR, Inc., a provider of purpose-built decision support software designed to guide users through a consistent, defensible process for incident management and risk assessment. Find earlier installments of this series here.

Read more

Stoel Rives LLP and RADAR, Inc. Form Preferred Provider Alliance to Offer Clients Innovation and Efficiency in Incident Response

PORTLAND, Ore., — January 23, 2018 – With organizations facing an increase in data privacy and security concerns, regulatory complexities, and associated organizational risks, penalties, and legal costs, SaaS solution provider RADAR, Inc. and law firm Stoel Rives have formed a preferred provider alliance to leverage and promote the use of RADAR’s purpose-built solution for compliance with data breach laws. Using and recommending the patented RADAR decision-support software for consistency in incident risk assessment and efficiency in response management will allow Stoel Rives to help clients reduce compliance costs while providing strategic data breach response services.

Read more

Maryland Revises Personal Information Protection Act, Brings More Specificity to Breach Notification Requirements

This year has barely begun and already there’s something new in the world of state breach notification requirements. On Jan 1, 2018, revisions to the Maryland Personal Information Protection Act (HB 974) went into effect, adding more specificity to the state’s breach notification requirements.

Read more

Regional Support and Innovation Showcase at Portland Startup Pitch Event

In December I had the pleasure of acting as emcee for Pitch Oregon 2017, an annual event hosted by TiE Oregon featuring regional early stage startup entrepreneurs pitching in front of a panel of judges for cash and investment opportunities. I’ve been involved in the entrepreneur scene in Portland for more than a decade, both as a mentor and volunteer and as an employee at start-up and growth stage companies. This event serves as a great representation of what the region has to offer, and the role that leaders at startups and established enterprises can have in fostering opportunities for budding organizations.

Read more

Clarification from Working Party 29 on Key Breach Notification Terms

On November 28, 2017, the Article 29 Working Party (WP29) closed its public consultation period for WP250, guidance issued by the European advisory body on personal data breach notifications to supervisory authorities and data subjects under the GDPR.

Read more

Washington State Attorney General Files Lawsuit Against Uber – Will Other States Follow?

On November 21, 2017, Uber disclosed a data breach potentially affecting 57 million passengers and drivers around the world, including over 10,000 Washingtonians. One week later, on November 28, 2017, Washington State Attorney General Bob Ferguson filed a consumer protection lawsuit.

Read more

Increasing Privacy Technology Investments and Other Takeaways from the 2017 IAPP-EY Annual Governance Report

Last month during the annual Privacy.Security.Risk. event, the IAPP released the results of the 2017 IAPP-EY Annual Governance Report. We always look forward to this report, now in its third year, having now compiled survey responses provided by nearly 600 privacy professionals across the globe. The findings have been consistent with what we’re hearing from customers and industry partners, who are making frantic efforts to prepare to comply with the rigors of GDPR and its risk based framework.

Read more

Actionable insights: Privacy incident volume over time

This article is part of an ongoing IAPP Privacy Advisor series on privacy program metrics and benchmarking for incident-response management. Find earlier installments of this series here. 

Read more

RADAR, Inc. Adds Ben Kaufman as CFO

Building on its leadership team, the CFO role will accelerate financial strategy

Read more