Imagine your private healthcare information appearing on a Google search…: The Office of Civil Rights (OCR), the enforcement arm of the Department of Health & Human Services (HHS), announced that […]
I’ll attempt to put this in plain English. If you deliberately delete data that is evidence in a court case you will most likely lose the case…: […] The court […]
A reminder, if you needed one, that a data breach need not involve computers and an external bad actor. Staff training is just as important as firewalls and fancy software…: […]
Any article that starts by talking about risk analysis is good in my book…: […] It probably does look weird, given how ubiquitous website privacy policies are, but whether you […]
What does your data retention policy state? If you say that you delete data, how do you establish that the data is actually gone and not recoverable from backups or […]
My advice (Disclaimer: I’m not a lawyer) is to use GDPR as your baseline privacy framework then manage the gaps for tricksy places like California…: Companies that do business in […]
Professional services firms struggle to justify internal spend that can’t be billed out to a client. I seems that GCs suffer from the same problem…: According a new survey from […]
Keep your friends close, and your employees closer still… According to the 2019 Verizon Insider Threat Report, 20 percent of all cybersecurity incidents and 15 percent of data breaches in […]
This is why we will continue to see random ware attacks. Crime does pay… Cities and towns continue to be a profitable target for successful ransomware attacks. As we previously […]
The same applies to S3, Google Drive etc. This is a question of setting up the accounts with ‘default deny’ privacy, educating users, and regular checks for misconfiguration…: Security researchers […]