Call Us at: +44 1772 217800 +353 01 554 9700 +1 303 317 5998
Call Us at: +1 303 317 5998

Tag: data privacy

Understanding the Importance of ISO 27001:2022 Standard for Your Company

Posted on by Daniela Atanasovska
iso 27001:2022

Imagine a scenario where a renowned healthcare provider like Kaiser Permanente notifies over 13 million customers of a potential data compromise due to third-party vendors. Picture individuals receiving unsettling notices detailing the exposure of their personal information, including IP addresses and browsing activity on Kaiser’s website and mobile applications. Despite the absence of financial data […]

Read More… from Understanding the Importance of ISO 27001:2022 Standard for Your Company

Strategic Synergy: Optimising GDPR Compliance through ISO 27001:2022 Controls

Posted on by Daniela Atanasovska
gdpr compliance iso 27001

In our recent blog ISO 27002: A Comprehensive Guide to Information Security Controls, we underscored the significance of ISO 27002 in fortifying information security practices amidst rising data breaches. Emphasising its role in supporting ISO 27001’s Information Security Management System (ISMS), we explored the framework’s sections on organisational, people, physical, and technological controls. The systematic […]

Read More… from Strategic Synergy: Optimising GDPR Compliance through ISO 27001:2022 Controls

Securing Personal Data under PIPEDA

Posted on by Tiana Dermendjieva
personal data under pipeda

In an age where data breaches are common, protecting personal information is not just a necessity, but a legal requirement in Canada. Organizations operating under PIPEDA (Personal Information Protection and Electronic Documents Act), must adopt stringent measures to prevent unauthorized access, use, and disposal of personal data. This blog explores the Principle of Limiting Collection, […]

Read More… from Securing Personal Data under PIPEDA

Handling Breaches in Accordance with PIPEDA

Posted on by Tiana Dermendjieva
breaches pipeda

Ensuring compliance with PIPEDA (Personal Information Protection and Electronic Documents Act) is paramount for any company handling personal data. One of the cornerstones of PIPEDA compliance is having a data breach response procedure in place. Such a procedure serves as a blueprint for companies to effectively address data breaches, ensuring that any potential risks to […]

Read More… from Handling Breaches in Accordance with PIPEDA

How to Manage Personal Information Access Requests under PIPEDA

Posted on by Tiana Dermendjieva
personal information

PIPEDA as a cornerstone of Canadian privacy law grants individuals critical rights over their personal information. Two key rights are the right to access their data and the right to correct any inaccuracies. For organizations, adhering to these regulations is not just a legal obligation; it’s a fundamental step in building trust and transparency with individuals. […]

Read More… from How to Manage Personal Information Access Requests under PIPEDA

PIPEDA’s Guidelines for Obtaining Meaningful Consent

Posted on by Tiana Dermendjieva
meaningful consent

Under PIPEDA, obtaining meaningful consent for the management of personal information is a complex yet critical requirement. Meaningful consent refers to the requirement that individuals must truly understand the nature, purpose, and consequences of the collection, use, or disclosure of their personal information before they agree to it. This blog post delves into what makes […]

Read More… from PIPEDA’s Guidelines for Obtaining Meaningful Consent

Understanding PIPEDA: Canada’s Federal Privacy Law

Posted on by Tiana Dermendjieva
pipeda

In this blog, we’re going to explore the Personal Information Protection and Electronic Documents Act (PIPEDA). We’ll explain what PIPEDA is, who it affects, and the main principles behind it. You’ll also learn about the rights it grants to individuals and the obligations it places on businesses. Our goal is to help you understand how […]

Read More… from Understanding PIPEDA: Canada’s Federal Privacy Law

Vendor Contracts: Contractual Requirements Under California Privacy Laws

Posted on by Sibel Amet
california privacy laws

The California Privacy Laws (CCPA/CPRA) require businesses to safeguard consumer data, especially when working with external vendors. When working with third-party vendors, service providers, and contractors, ensuring CCPA/CPRA compliance means establishing clear, legally binding contracts that protect consumer data throughout its lifecycle. These contracts set clear expectations and responsibilities regarding the handling of consumer personal […]

Read More… from Vendor Contracts: Contractual Requirements Under California Privacy Laws

Minimize Your Data, Minimize Your CPRA Risk: Streamlined Data for Better Compliance

Posted on by Sibel Amet
cpra

The California Consumer Privacy Act (CCPA) and its amendment, the California Privacy Rights Act (CPRA), grant California residents strong privacy rights, such as understanding what data businesses collect, having it deleted, and limiting its use. A core principle is data minimization—collecting and storing only the necessary personal information. The CPRA explicitly mandates data minimization, purpose […]

Read More… from Minimize Your Data, Minimize Your CPRA Risk: Streamlined Data for Better Compliance

CCPA/CPRA Privacy Notices: Building Trust and Ensuring Compliance

Posted on by Sibel Amet
ccpa cpra

The California Consumer Privacy Act (CCPA) and its amendment, the California Privacy Rights Act (CPRA), require businesses to provide consumers with clear and comprehensive privacy notices. Well-crafted privacy notices are crucial for demonstrating compliance and empowering California consumers with control over their personal information and as such are essential for building trust and ensuring compliance. […]

Read More… from CCPA/CPRA Privacy Notices: Building Trust and Ensuring Compliance