Categories
Compliance Into the Weeds

CFPB on Data Protection Minimums

Compliance into the Weeds is the only weekly podcast which takes a deep dive into a compliance related topic, literally going into the weeds to more fully explore a subject. In this episode, we explore the recent CFPB circular which noted a company’s failure to implement adequate data protection measures can qualify as an unfair practice prohibited under the Consumer Financial Protection Act.  Highlights include:

·      The CFPB is going to start bringing charges against more companies for sloppy data protection programs.

·      Three Key data protection security controls.

·      Why CISOs and IT needs to talk to compliance.

·      The role of auditing and monitoring.

·      How and where to get started.

Resources

Matt in Radical Compliance

Categories
Life with GDPR

GDPR-10 Years After Original Proposal


Jonathan Armstrong and Tom Fox return for another episode of Life with GDPR. In this episode, they celebrate the 10th anniversary of the initial proposal of the law, which became GDPR. Some of the issues they consider include:

  1. What was in the original proposal that did not become enacted in the final law?
  2. Reduction in costs-what happened?
  3. Right to be Forgotten morphed into something very different than intended.
  4. Fines, Fines, Fines.
  5. Evolution of regulatory sophistication.
  6. Criticism of regulators.

Resources
Check out the Cordery Compliance client alert on this topic; click here. For more information on Cordery Compliance, go to their website here. Also, check out the GDPR Navigator, one of the top resources for GDPR Compliance, by clicking here.

Categories
Daily Compliance News

May 20, 2021 the Data Protection edition


In today’s edition of Daily Compliance News:

  • Data protection stupidity is no business strategy. (WSJ)
  • Panasonic Avionics whistleblower awarded $28MM. (WSJ)
  • Trump Organization under criminal investigation in NY. (WaPo)
  • Lithuanian central bank responds to Wirecard allegations. (FT)
Categories
Life with GDPR

Data Protection After Brexit


In this episode Jonathan Armstrong and Tom Fox are back to discuss issues relating to data privacy, data protection and GDPR. Today, we begin a 3-part series on issues relating to GDPR after Brexit. They include data protection, data transfer and issues related to trade sanctions, AML and export control. In this episode we consider data protection. Highlights include:

  • Does GDPR still exist in the UK?
  • Does pre-Brexit case law still matter in the UK?
  • What is the temporary data protection deal between the EU & UK all about?
  • How will extra-territorial reach work for the EU & the UK?
  • Will I need a Data Protection Representative?
  • Will I need a new Data Protection Officer

Resources
Check out the Cordery Compliance Client alert on the data transfer after Brexit here.
Check out the Cordery Compliance, client alert on this topic, click here. For more information on Cordery Compliance, go their website here. Also check out the GDPR Navigator, one of the top resources for GDPR Compliance by clicking here.

Categories
Compliance and Coronavirus

Gabe Gumbs on Data Privacy and Data Protection Going Forward


Welcome to the newest addition to the Compliance Podcast Network, Compliance and Coronavirus. In this episode, I am joined by Gabe Gumbs. Gabe is the Chief Innovation Officer at Spirion. He leads the Spirion product team through strategic product development to create technologies that push data security forward in an increasingly complex digital world. Prior to his new position at Spirion, Gumbs held a range of positions in security technology, including VP of Product Management at Spirion. Other prior positions include VP of Product Strategy at STEALTHbits Technologies, and Director of Research and Products at WhiteHat Security. Gumbs also served on the Board of Advisors at eGRC.com.
In this episode, we consider some of the challenges around data in the age of Coronavirus. Gabe discusses some of the top questions he and his team are hearing from customers during this time of Coronavirus and economic dislocation around data privacy and data protection during the economic dislocation. Gabe observes that trends which were in play have been largely amplified as a result of Covid-19 and the attendant economic dislocation increased trends in cybersecurity compliance. We conclude with a discussion of Spirion’s Data Discovery Agent and it can assist companies at this point in time and into Q3 and Q4.
For more information on Spirion, check out their website here.
Check out Spirion’s Data Discovery Agent, here.

Categories
Life with GDPR

Life With GDPR: Episode 24- Phishing

In this episode, I visit with Jonathan Armstrong consider the increasing business risk around phishing. There have recently been some multi-million-dollar losses around phishing so you need to be prepared. Some of the issues and highlights are:

  1. What is phishing?
  2. The largest number of data breach have come through phishing. Why has it become such a business risk?
  3. What are the requirements a company take against phishing under GDPR?
  4. What are the three key concepts in data protection?
  5. Modern phishing attacks are very sophisticated.
  6. What are some of the most intricate frauds seen in this area?

For more information on Cordery Compliance, go their website here. Also check out the GDPR Navigator, one of the top resources for GDPR Compliance by clicking here.