IAPP releases new salary survey

(Apr 20, 2017) Are you making what you're worth? That’s the big question. Per usual, the IAPP has the answer, with today’s release of the 2017 IAPP Privacy Professionals Salary Survey, sponsored by OneTrust and exclusively for IAPP members. Within, you’ll find data on the mean and median salaries, bonuses, and rate of salary increases for a wide variety of privacy professionals. We break things out by industry, years in privacy, certifications held, education attained, and by geography. Even by where you live ... Read More

Report shows hacking, phishing, malware top cause of data incidents

(Apr 20, 2017) BakerHostetler has released its 2017 Data Security Incident Response Report highlighting the need for business leaders to understand and be prepared for the risks associated with cyberthreats. Analyzing more than 450 cyber incidents that the firm's privacy and data protection team handled last year, the report found phishing, hacking or malware cause the majority of incidents at 43 percent — a 12 percent jump from last year. Human error came in second at 32 percent. The report also offers inform... Read More

EU public consultation to assess internet fears

(Apr 19, 2017) The Guardian reports the EU plans to launch "an unprecedented public consultation" to determine what Europeans fear the most about the future of the internet. Lead by REIsearch, the project aims to give policymakers a window into public priorities in their decision-making. A dozen publications, including the Guardian, will publicize a succession of surveys in the coming weeks, which will then be combined in early June. "Science should be open and freed from its traditional ivory tower; to be dis... Read More

Risk-scoring in the mobile environment

(Apr 18, 2017) We hear about “mitigating privacy risk” on a regular basis. The GDPR calls for a risk-based approach to privacy operations. Certain “high-risk” endeavors even trigger data protection impact assessments and calls to the local data protection authority’s office? Rarely, however, do we see risk-scoring in action. Until now. The IAPP and Kryptowire have teamed to survey 400 privacy professionals regarding how they score the risk of collecting dozens of types of personal data and performing actions i... Read More

2017 IAPP-OneTrust Privacy Professionals Salary Survey — Executive Summary

(Apr 14, 2017) Executive Summary Salaries are holding strong for privacy professionals in this tenth IAPP salary survey. With Europe’s General Data Protection Regulation (GDPR) looming and an increasing global appreciation for information privacy risks, new opportunities abound for privacy veterans and rookies alike. This report reveals wide variance in salaries, raises and bonuses among geographies, industries, and job titles, as well as among those with and without professional certifications. Who gets the ... Read More

2017 IAPP-OneTrust Privacy Professionals Salary Survey — Full Report

(Apr 14, 2017) The survey was sent to privacy professionals by email and via a link in the Daily Dashboard to its more than 30,000 subscribers. We focused specifically, as we have going back to 2003, on salaries, bonuses, and raises, and this year paid particular attention to pathways into the profession. Nearly 900 respondents from around the globe provided detailed information about pay in their own currency, which we converted to U.S. dollars for ease of comparison in this report. All responses were anonymo... Read More

Survey: Employers should be legally required to offer security training

(Apr 13, 2017) A survey conducted by FutureLearn found 93 percent of employees believe their company should be legally required to offer cybersecurity training, InfoSecurity Magazine reports. The social learning platform polled nearly 500 users of its platform for the survey, with 57 percent stating they have not received any cybersecurity training in the past 12 months. While numerous respondents said their employers offer guidance and policies on data handling, internet security, and encryption, only 58 perc... Read More

CNIL updates WP29 Plenary, releases research on location data flows

(Apr 11, 2017) In a pair of press releases, France's data protection authority, the CNIL, has provided an update to the recent Article 29 Working Party Plenary and shared research tracking where personal data flows to in the mobile ecosystem. The WP29 touched upon "critical" topics, including the implementation of the General Data Protection Regulation, which included the adoption of the final version of the data protection officer, among others. There was an update on meetings between EU and U.S. representati... Read More

Study: Large teaching hospitals more likely to suffer data breach

(Apr 10, 2017) A study published by JAMA Internal Medicine found large teaching hospitals are more likely to suffer data breaches, SC Magazine reports. The study found 216 hospitals accounted for 257 of the 1,798 data breaches between Oct. 21, 2009 and Dec. 31, 2016. Most of the affected hospitals were discovered to be teaching hospitals. Larger teaching hospitals are more likely to be targets due to more individuals having access to private patient data and aging infrastructure. “Due to tight budgets, aging s... Read More

From ancient to modern: The changing face of personal data

(Apr 7, 2017) "In the ancient world, keeping personal data was the privilege of the elites within society," writes University of West Indies Assistant Archivist Cherri-Ann Beckles. "The purpose of storing personal data in this context was mainly to preserve and provide evidence of lineage in order to maintain a position of power and prestige. Personal data of the masses was predominantly captured through storytelling (oral traditions) and other forms of human expression such as song and dance." Over the years... Read More