Privacy
Privacy | News, how-tos, features, reviews, and videos
What is personally identifiable information (PII)? How to protect it under GDPR
The EU's General Data Protection Regulation requires companies to protect the privacy of their EU customers. That means keeping personally identifiable information (PII) safe. Here's what you need to know.
Proposed bill would create a new federal agency to protect consumer data
The Data Protection Act of 2021 has wide-ranging definitions of high-risk data practices and privacy harm.
CISO Jason Lee on Zoom's response to its pandemic security challenges
A year into his role, Lee discusses how he and Zoom's security team addressed security and privacy issues amid rapid growth and public scrutiny.
IT asset disposal is a security risk CISOs need to take seriously
Sensitive company and personal data often leaves organizations on disposed devices. An auditable chain of custody that shows data destruction is essential for any ITAD program.
video
Aligning security, compliance and privacy across inventory tracking
Brad Wells, Executive Director, Information Security, and Kandice Samuelson, Senior Director, IT Governance at PPD lead a team enhancing PPD's inventory tracking system that identifies PPD’s most valuable assets. Join us to learn how...
21 best free security tools
Check out these free, standout software tools that will make your daily security work easier, whether it's pen-testing, OSINT, vulnerability assessment, and more.
10 pioneering women in information security
As Women's History Month comes to close, we introduce you (hopefully not for the first time) to some women who broke new ground in infosec, national security, and computer science.
The 7 deadly sins of records retention
Record retention is both a fact of life and a growing headache for organizations burdened by a spiraling number of regulations and legal obligations. Here are worst (and best) practices for securing data and documents.
![Lady Justice statue with scales, law books. [regulation / compliance / legal liability / fairness]](https://images.idgesg.net/images/article/2020/09/lady_justice_statue_with_scales_law_books_legal_liability_risk_regulations_compliance_fairness_by_simpson33_gettyimages-1181406745_2400x1600-100860122-small.3x2.jpg)
Virginia data protection bill signed into law
The state is the second in the nation to enact a consumer data protection law along the lines of the EU's GDPR. Here's what businesses need to know about Virginia's CDPA.
Inrupt offers a standard for controlling data and identity on the web
Founded by security and web luminaries, Inrupt has commercialized the Solid Project technology to manage sensitive data in a more secure, compliant manner...if enough people buy into its vision.
The HITECH Act explained: Definition, compliance, and violations
The Health Information Technology for Economic and Clinical Health (HITECH) Act aims to expand the use of electronic health records through incentives to health care providers and consumers. It also tightens rules on providers to...
The most important cybersecurity topics for business executives
Data privacy, current cyberthreats, and cybersecurity culture and training top the list, but are these the right priorities?
![A hand reaches to activate controls marked with gear icons [ process / update / fix / automate ]](https://images.idgesg.net/images/article/2020/08/hand_reaches_to_activate_controls_with_gear_icons_process_development_update_fix_automate_by_putilich_gettyimages-1220461550_2400x1600-100854509-small.3x2.jpg){kind=icon}
How strong, flexible data protection controls can help maintain regulatory compliance
An effective approach to data protection controls embraces ethical standards and anticipates new requirements. Here’s how some CISOs and other experts tackle the issue.
COPPA explained: How this law protects children's privacy
The Children's Online Privacy Protection Act is a U.S. law that aims to protect the privacy and personally identifying information of children under the age of 13 who use online services.
HIPAA explained: definition, compliance, and violations
HIPAA (the Health Insurance Portability and Accountability Act) is a law passed in 1996 that imposes stringent privacy and security mandates on health care providers—and most of their IT vendors.
Differential privacy: Pros and cons of enterprise use cases
Hiding sensitive data in a sea of noise might have more value than encryption in some use cases. Here are the most likely differential privacy applications and their trade-offs.
Data security vs data privacy – they’re not the same thing
Data security and data privacy are both necessary to completely protect corporate data assets. But most companies spend most of their time on the former and much less on the latter.
