Comparing EU regulatory norms with incident reporting obligations

(Jan 26, 2021) As data breaches and other security incidents are the dominating cause of regulatory fines in areas like security and data protection, prevention and proper ... Read More

Effective management of cannabis consumer data risk

(Jan 26, 2021) With cannabis now legal for recreational use in 15 U.S. states and medical use in 35 states, the cannabis industry has moved strongly toward broad-based legi... Read More

CISA warns against agency malware attacks

(Jan 20, 2021) The U.S. Cybersecurity and Infrastructure Security Agency is urging the use of advertising blockers and designated web browser usage across federal agencies ... Read More

Protecting privacy during turbulent times

(Jan 19, 2021) Over the past year, I had the great privilege of serving as the chief privacy officer at the U.S. Department of Homeland Security. The DHS privacy program is... Read More

Top-5 most-read privacy stories for the week of Jan. 4, 2021

(Jan 8, 2021) IAPP Editorial Director Jedidiah Bracy, CIPP, has the details on the int... Read More

Saskatchewan health system hit with ransomware attack

(Jan 8, 2021) The Office of the Saskatchewan Information and Privacy Commissioner announced eHealth Saskatchewan, the Saskatchewan Health Authority and the Ministry of Hea... Read More

IAPP-EY research: 'Privacy in the Wake of COVID-19, Part 2'

(Jan 7, 2021) The IAPP and EY published their second study on how the COVID-19 pandemic has affected privacy teams around the world. IAPP Senior Westin Research Fellow Müg... Read More

Privacy in the Wake of COVID-19, Part 2: Privacy Challenges as the Pandemic Continues

(Jan 7, 2021) Read More

What the SolarWinds attack can teach about managing risk of cyber loss

(Jan 6, 2021) The SolarWinds supply-chain attack that compromised numerous high-profile targets, including a leading cybersecurity company and U.S. government agencies, ha... Read More

What SolarWinds teaches us about managing risk of cyber loss

(Jan 6, 2021) The SolarWinds supply-chain attack that compromised numerous high-profile targets, including a leading cybersecurity company and U.S. government agencies, ha... Read More