ResourceCenter

This set of documents, hosted by the NTIA, are a collection of comments on ways to advance consumer privacy while protecting prosperity and innovation.View Now... Read More

These resources, made available by the Federal Trade Commission, provide introductory and informative information concerning cybersecurity for small businesses.View Now... Read More

DataGuidance and the Future of Privacy Forum have published a comparison guide concerning the EU General Data Protection Regulation and the California Consumer Privacy Act. Points of comparison in this guide between the two pieces of legislation include scope, key definitions, legal basis, rights and enforcement.View Now... Read More

The U.S. Securities and Exchange Commission requires most publicly traded companies to annually disclose potential risk factors, including exposure to cybersecurity threats and violations of consumer privacy laws. The IAPP’s third annual study of these disclosures (part of Form 10-K) of 150 publicly traded companies shows that — like last year — effectively 100 percent identified concerns about cyberattacks in their 2017 10-K reports. New this year is a significantly higher concern about risks o... Read More

This Data Subject Access Rights Request Template, published by Postbank, legally named Eurobank Bulgaria AD, offers an example of a form requesting implementation of rights to be exercised at any branch of the bank.View Now (77 KB)... Read More

In this newest piece of an ongoing series of research that has looked at privacy operations and the use of privacy technology, the IAPP and TrustArc here examine the factors, including geographic region, organizational size, and sector, that are correlated with the current state and development of organizations’ response to various operational demands upon their privacy programs. We focused on certain core operational responsibilities required for compliance with most privacy regulations and the... Read More

The APEC Framework, published by the Asia-Pacific Economic Cooperation, is a framework to protect privacy within and beyond economies and to enable regional transfers of personal information benefits consumers, businesses, and governments. This framework is used as a basis for the APEC Cross-Border Privacy Rules (CBPR) System.View Now (294 KB)... Read More

The Phisher Queen creates her Latest weapon ... Blockhead! Click on the image below if you would like to download a high-resolution pdf to print and hang in your office. (26.7MB)... Read More

This slide deck created by the IAPP research team offers a customizable template for a report to organizational leadership to help Data Protection Officers show the activities of the data protection team as well as record compliance with the General Data Protection Regulation. Read More

November 14, 2018, draft proposal on the withdrawal of the United Kingdom and Northern Ireland from the European Union and the European Atomic Energy Community. The proposal wishes to set out the arrangements for the withdrawal, while taking account of the framework for the future relationship between the two countries and the remaining member-states of the European Union.Read Now (1.37 MB)... Read More