Security and Privacy Controls

Top 10 Issues for Employers, Issue #6: Balancing BYOD Programs with Expectations of Privacy at Work

This is the sixth instalment in our Top 10 Issues for Employers series. OVERVIEW - The workplace practice of bring your own device (BYOD) has hit the mainstream as more and more employees use their own mobile...more

Data Breach Handbook for the Restaurant Industry

Although statistics vary, in 2015 there were approximately 3930 incidents involving data loss and, according to one watchdog group, those incidents impacted over 736 million consumer records. Many of those data security...more

Pension Plan Suffers Cybersecurity Attack, ERISA Advisory Council Offers Cybersecurity Recommendations to DOL

It has been reported that infamous bank robber, Slick Willie Sutton, once said, “I rob banks because that’s where the money is.” Data thieves, understandably, have a similar strategy – go where the data is. The retail...more

CFTC Approves Supplemental Proposal to Regulation AT

On November 4, the Commodity Futures Trading Commission (CFTC) approved for publication in the Federal Register a supplemental proposal (the "Supplemental Proposal") to Regulation Automated Trading ("Regulation AT"). The...more

Mitigating Cybersecurity Risks

Hacking of organisations’ systems is becoming increasingly commonplace, even with advancements in security practices. To mitigate risk, a company must have an enterprise-level, cross-functional incident response plan that is...more

CFTC Revises Proposed Reg AT

The Commodity Futures Trading Commission (CFTC or Commission) on November 3, 2016, proposed revisions (the Supplemental Proposal) to proposed Regulation Automated Trading (Reg AT). Reg AT, if adopted, will broadly affect...more

Personal Data Protection Act - Obligations to protect and secure data, and what to do in case of breach

Since the coming into force of the Personal Data Protection Act (Cap 26 of 2012) (PDPA) in 2012, many organisations had focused only on part of their obligations under the PDPA, i.e. that of ensuring that their policies and...more

Guidelines for Third-Party Vendor Management Programs

Third-party service providers present difficult and unique privacy and cybersecurity challenges. Vendor management is important throughout the life of your relationship with your vendors. Vendor diligence starts during the...more

Guidelines for Cloud Computing

Most companies now use some form of cloud computing whether through software as a service, platform as a service, or infrastructure as a service. Cloud computing’s cost-effective scalability can offer significant advantages...more

Cyber Security Awareness Needs To Last Beyond October

The U.S. Department of Homeland Security (DHS) has designated October as National Cyber Security Awareness Month. But as we leave October, remember that data security is an ongoing challenge that requires continued vigilance...more

Guidelines for Privacy Certifications and Trustbrands

Privacy certifications, or “trustbrands,” are seals licensed by third parties for organizations to place on their homepage or within their privacy policy. The seals typically state, or imply, that the organization which has...more

New Use for Drones on Australian Beaches

In Western Australia’s South West beaches surveillance drones will hit the skies to increase swimmer safety by spotting sharks in the water. This project will take place over a three-month period (from November to January)...more

How Much Do You Spend on Cybersecurity…and on What?

Fortune.com reported that according to an International Data Corporation (IDC) forecast, by 2020, spending on security-related hardware, software, and services will eclipse $100 billion. However, consulting company NTT Com...more

Guidelines for Data Maps and Data Inventories

Knowing the type of data that you collect, where it is being held, with whom it is being shared, and how it is being transferred is a central component of most data privacy and data security programs. The process of answering...more

HHS Issues Cloud Computing Guidance Which Is Helpful To All Users of Cloud Services

Last week, the Department of Health and Human Services’ Office for Civil Rights (OCR) provided guidance for HIPAA covered entities and business associates that use or want to use cloud computing services involving protected...more

Data protection in video surveillance systems

Since video surveillance systems involve the capture of images of individuals, Colombian privacy law must be observed when operating such mechanisms. Therefore, the Superintendency of Industry and Commerce issued the...more

Privacy Tip #55 – October is National Bullying Prevention Awareness Month

I never knew that since 2006, October has been designated as National Bullying Prevention Awareness Month. According to the Department of Health and Human Service’s website, “This year’s Bullying Prevention Awareness Month...more

NYSDFS unveils new cybersecurity requirements for foreign and domestic banks

The New York State Department of Financial Services (NYSDFS) recently unveiled its cybersecurity regulation for financial services companies, which takes effect on January 1, 2017. This regulation applies to every banking and...more

Guidelines for Written Information Security Policies

Although federal law only requires that financial institutions and health care providers maintain a written information security policy or “WISP,” approximately thirty-four states have enacted legislation that requires...more

Avoiding common law firm cybersecurity pitfalls

Cybersecurity often causes trepidation among attorneys simply because attorneys lack understanding of the nature of online risks and how to protect themselves. As evidenced in Part One of this series, law firms appear to be...more

Customer Data and Privacy Laws

Customer data can be a treasure trove for an organization. Many businesses believe customer and prospect data to be their most valuable asset. Unfortunately, some have discovered that, unless handled with care, it can also...more

Privacy Implications of the Federal Aviation Administration’s New Drone Rule

A new era in the field of aviation began on August 29, 2016, when the Federal Aviation Administration’s (FAA’s) long-awaited commercial drone rule went into effect. The new rule, formally known as Part 107, broadly authorizes...more

Keeping Your Cybersecurity Affairs in Order: How to Avoid Becoming the Next Ashley Madison

In late August, the Privacy Commissioner of Canada and the Australian Privacy Commissioner published the results of their joint investigation into the hack of notorious infidelity site, Ashley Madison, and its parent company,...more

Federal Trade Commission Invites Comments on Gramm-Leach-Bliley Act (GLB) Safeguards Rule

‘Tis the season for listening. Joining a previous Presidential Commission invitation, the Federal Trade Commission (the FTC) is now seeking comments on the GLB Safeguards Rule. The GLB Safeguards Rule, which took effect in...more

Personal Data Protection - Personal Data Protection Commission publishes nine decisions on data protection enforcement

On 21 April 2016, Singapore’s Personal Data Protection Commission (PDPC) published its decisions of action taken against organisations in breach of provisions relating to the collection, use and disclosure of personal data...more
