Blog - privacy and compliance best practices

Regulatory Trends: Texas Data Breach “Wall of Shame”

For privacy and compliance leaders, notifiable privacy data breaches aren’t ideal, but they are necessary. In September 2021, Texas house bill House Bill 3746 will allow the state attorney general to publicly list organizations who have issued data security breach notifications. At an important moment for privacy regulation, does this regulatory environment encourage organizations to notify when obliged, or does it discourage compliance with legislation?

Incident Response Planning for Healthcare

Laura Rieben, Deputy Privacy Officer at Independence Blue Cross, joined The Privacy Collective on June, 24, 2021 to discuss the unique challenges health insurers face while managing personal information, navigating complex data breach notification obligations, and wrangling third-party contractual obligations.

Privacy Regulatory Trends: Your Guide to The NAIC Insurance Data Security Model Law

Urgency for states to adopt the NAIC Insurance Data Security Model Law reveals a legislative pipeline full of nuanced and complicated insurance laws coming into play this year. With unique effective dates and notification obligations, here’s what you need to know to meet compliance with new state adoption of NAIC model laws.

Is Your Incident Response Process- or Outcome-Oriented?

Traditionally, business processes have driven efficiency across organizations. However, amid increasing data breach notification regulations, compliance teams may be being pulled into a slippery slope of internal reporting. Can outcome-based process evaluation help compliance leaders drive change?

COVID Privacy and Your Workforce

The return to the workplace is happening fast and COVID privacy is a hot topic. Here are tips for how privacy teams can work with other departments to make a plan for managing data and to protecting employee privacy.

Hacking Healthcare: Critical Infrastructure at Risk

The healthcare industry is no stranger to digital threats, however, recent cyber attacks on critical infrastructure shed light on the need for healthcare systems to improve data management and security practices to maintain compliance amid new and changing threat vectors.