Blog - privacy and compliance best practices

What Do Regulators Look for in Privacy Audits?

What do regulators look for in privacy audits? It’s important to manage them successfully when regulators come calling. Learn more in the blog.

6 Questions Employers are Asking About COVID-19, Vaccines, and HIPAA

As employees are returning to in-person work, returning to group events, etc. there are questions. For example, as an employer, can you ask your employees for proof of vaccination? Are you violating privacy laws by doing so? It’s important for employers to understand the laws surrounding COVID-19 and HIPAA.

4 Steps to Manage Third-Party Privacy Risks

Third-party relationships entail serious risks—risks that privacy teams have the expertise to help manage and mitigate. By helping to identify and manage third-party privacy risks from the beginning of the business relationship, they can protect their organizations and also make their own jobs a lot simpler down the line. Whatever safeguards you can put in place at first, your organization will be better off than taking a “fingers crossed” approach to managing third-party privacy.

Intelligent Incident Response Automation: Say Goodbye to Spreadsheets

Challenges. Barriers. Obstacles. Not the words we like to use when describing incident response management, but let’s face the realities. Learn how you can help your organization overcome barriers to change and realize the value of intelligent incident response automation in the latest IAPP webinar.

Reduce Privacy Risk to Build Investor Confidence

Armed with tools and their in-depth understanding of the organization’s privacy risks and requirements, the privacy team can conduct tabletop exercises to assess the most likely worst-case scenarios, providing valuable insights to executive decision-makers.

Privacy Regulatory Trends: Personal Information and Biometric Data Privacy Laws

As more states seek to regulate and protect biometric data, companies that collect, use and store biometric data should consider creating and implementing policies and procedures that incorporate the appropriate security, notice, and consent requirements, even if they are not currently required to do so by law. However, until all 50 states amend their definitions of personal information to include biometric data, privacy leaders must navigate a patchwork of laws and regulations when performing incident risk assessments.