RadarFirst Blog

Highlights from the IAPP DPC Conference: Global Regulatory Challenges in Privacy

Here in the US, the winter holidays kick off with Thanksgiving. And as I digest my turkey dinner, I'll also be digesting the many issues and ideas presented at the 2019 IAPP-Europe Data Protection Congress in Brussels. 

Read more

Amid a Flurry of Amendments and AG Guidance, the CCPA Deadline Looms Near

For better or for worse, the California Consumer Privacy Act (CCPA) will finally go into effect on January 1, 2020, and the Internet is ablaze with advice on how to meet the regulatory requirements of what some are calling “the beginning of ‘America’s GDPR.’” Last-minute amendments and late-issued guidance from the California Attorney General make compliance a real challenge, however.

Read more

The Pitfalls of Over-reporting Under the GDPR

After much fanfare, the EU's General Data Protection Regulation (GDPR) went into effect in May of 2018. In May 2019, the European Data Protection Board (EDPB) issued its 1-year assessment of the GDPR. In the first year, over 89,000 data breaches had been logged by EEA Supervisory Authorities. 

Read more

On Our Radar: November 15, 2019

Something we discuss pretty frequently around here at RadarFirst is the idea of sensitive data: what we call protected health information, personally identifiable information, or just personal data. We are constantly considering what qualifies as protected data under specific regulations, what risk the data may pose to individuals should it be disclosed in some way ... basically, what do we qualify as data we must protect as privacy professionals? 

Read more

On Our Radar: November 1, 2019

How is it already November? Halloween is behind us, and thank goodness for that! Privacy professionals have more than enough to scare and trick us in our professional lives already–did you read my colleague Dorothy’s recent post about the rise in heart attacks following a ransomware data breach

Read more

Evaluate Your Privacy Incident Response Program: Introducing New Quarterly Benchmarking Metrics

If you’ve ever participated in an organized sport, you’re likely well aware of the importance of context when it comes to evaluating your performance as a player. Say, for example, I play soccer every weekend (which I do). Let’s imagine I’m arguably the best defender on my team - or even across all the recreational players involved (it’s fun to pretend). I might start feeling pretty good about myself, and how I perform on the pitch. Now imagine I’m suddenly pulled into an MLS game, playing against professionals in the field. I might be a good player on a limited bench - on weekends, playing against other amateur enthusiasts, but in a larger scale I cannot rank or make the cut.

Read more

On Our Radar: October 24, 2019

Another week has gone by, and with it another news cycle filled with examples of recent data breaches, hacking attacks, and regulatory enforcements. Does it feel like our work as privacy professionals is enjoying a little too much of the limelight these days?

Read more

On Our Radar: October 11, 2019

It probably isn’t often that the world of privacy professionals is likened to a soap opera. However, if you really think about it, is the privacy world really all that far off from this genre of daytime television? The melodrama. The suspense. The evil twins!

Read more

The CISO’s Guide to Mitigating Enterprise Risk with Privacy by Design

In the good old days, CISOs were all about security. They served as guardians at the gate and protectors of the perimeter. As technology evolved, so did the CISO’s role. One of the most significant impacts on today’s CISOs, however, has nothing to do with mobile devices, malware, or the Internet of Things (IoT).

Read more

On Our Radar: September 27, 2019

This week has really been one for the books. 

Read more

To Manage Enterprise Privacy Risks, CISOs Have to Measure It

Chinese philosopher Sun Tzu once said, “Know thy enemy.” When it comes to managing risk, CISOs must know what threatens the privacy and security of their organization’s sensitive data. That means having the ability to identify and measure all the risks lurking throughout the enterprise—no easy feat.

Read more

On Our Radar: September 6, 2019

Around the RADAR offices, we talk a lot about the work of privacy professionals and how we can continue to bring greater value to our customers. Part of these discussions include quantifying the cost of poor incident response, and the risk presented to organizations when a data breach is mishandled. 

Read more

How long should it take to risk score and reach a notification decision for a privacy incident?

If you’ve been in the privacy world for any amount of time, you recognize there has been a marked increase in the speed at which our world operates. New threats to our data are introduced every day. With the expanding scope of what constitutes protected and sensitive data, the number of privacy cases we must manage at any given time is increasing.

Read more

On Our Radar: August 16, 2019

Last week we held our annual RADAR User Summit. This event brings together a group of innovative, forward-thinking privacy professionals for three days of interactive workshops, best practice sharing, and general community building. 

Read more

On Our Radar: July 25, 2019

Those of us in the Northern Hemisphere are well into our summer routines at this point - backyard barbeques, longer days, and warmer (or much too warm!) weather is being enjoyed by all. That’s the ideal, at least. Just as they say there’s no rest for the wicked, there is also no rest for those charged with protecting our personal data (PHI, PII, and beyond) data. It’s a 24/7 job, and it’s not going away anytime soon.

Read more