Privacy

Privacy | News, how-tos, features, reviews, and videos

database data center futuristic technology

11 technologies improving database security

The database does not have to be a security and privacy liability. These technologies can reduce risk and help ensure regulatory compliance.

GDPR data privacy / data protection / security / risk management

How to protect PII under GDPR

The EU's General Data Protection Regulation requires companies to protect the privacy of their EU customers. That means keeping personally identifiable information (PII) safe. Here's what you need to know.

A binary eye sits within the center of a targeted virtual framework.

Proposed bill would create a new federal agency to protect consumer data

The Data Protection Act of 2021 has wide-ranging definitions of high-risk data practices and privacy harm.

Jason Lee, Chief Information Security Officer, Zoom

CISO Jason Lee on Zoom's response to its pandemic security challenges

A year into his role, Lee discusses how he and Zoom's security team addressed security and privacy issues amid rapid growth and public scrutiny.

hsm shredder

IT asset disposal is a security risk CISOs need to take seriously

Sensitive company and personal data often leaves organizations on disposed devices. An auditable chain of custody that shows data destruction is essential for any ITAD program.

tools drill bits toolkit tookapic free cc0 via pexels binary thinkstock

21 best free security tools

Check out these free, standout software tools that will make your daily security work easier, whether it's pen-testing, OSINT, vulnerability assessment, and more.

women spinning plates asynchronous programming synchrony multi tasking by graemenicholson getty ima

10 pioneering women in information security

As Women's History Month comes to close, we introduce you (hopefully not for the first time) to some women who broke new ground in infosec, national security, and computer science.

library / repository / binders and boxes on shelves in a large archive

The 7 deadly sins of records retention

Record retention is both a fact of life and a growing headache for organizations burdened by a spiraling number of regulations and legal obligations. Here are worst (and best) practices for securing data and documents.

Lady Justice statue with scales, law books. [regulation / compliance / legal liability / fairness]

Virginia data protection bill signed into law

The state is the second in the nation to enact a consumer data protection law along the lines of the EU's GDPR. Here's what businesses need to know about Virginia's CDPA.

interconnecting gears / process / automation / machinery / mechanism / efficiency

Inrupt offers a standard for controlling data and identity on the web

Founded by security and web luminaries, Inrupt has commercialized the Solid Project technology to manage sensitive data in a more secure, compliant manner...if enough people buy into its vision.

healthcare data breach / medical patient privacy security violation

The HITECH Act explained: Definition, compliance, and violations

The Health Information Technology for Economic and Clinical Health (HITECH) Act aims to expand the use of electronic health records through incentives to health care providers and consumers. It also tightens rules on providers to...

high priority gauge

The most important cybersecurity topics for business executives

Data privacy, current cyberthreats, and cybersecurity culture and training top the list, but are these the right priorities?

A hand reaches to activate controls marked with gear icons [ process / update / fix / automate ]

How strong, flexible data protection controls can help maintain regulatory compliance

An effective approach to data protection controls embraces ethical standards and anticipates new requirements. Here’s how some CISOs and other experts tackle the issue.

child coder boy with computer gaming children laptop

COPPA explained: How this law protects children's privacy

The Children's Online Privacy Protection Act is a U.S. law that aims to protect the privacy and personally identifying information of children under the age of 13 who use online services.

medical data accessed via tablet / healthcare IoT monitoring

HIPAA explained: definition, compliance, and violations

HIPAA (the Health Insurance Portability and Accountability Act) is a law passed in 1996 that imposes stringent privacy and security mandates on health care providers—and most of their IT vendors.

abstract data flows / data streams

Differential privacy: Pros and cons of enterprise use cases

Hiding sensitive data in a sea of noise might have more value than encryption in some use cases. Here are the most likely differential privacy applications and their trade-offs.

data security / padlock / binary code / digital display

Data security vs data privacy – they’re not the same thing

Data security and data privacy are both necessary to completely protect corporate data assets. But most companies spend most of their time on the former and much less on the latter.

Compliance

12 new state privacy and security laws explained: Is your business ready?

States from Maine to California have recently enacted privacy, data security, cybersecurity, and data breach notification laws. Let's break down what each of these laws entails and how businesses and consumers are affected.

CCPA | California Consumer Privacy Act  >  Satellite view of California's network of lights / lock

CPRA explained: New California privacy law ramps up restrictions on data use

The California Privacy Rights Act (CPRA) is a new law that toughens some data security requirements, brings California more in line with Europe's General Data Protection Regulation, and creates a new state agency—the California...

wan bank networking finance2

GLBA explained: What the Graham-Leach-Bailey Act means for privacy and IT security

The Graham-Leach-Bailey Act (GLBA) is a 1999 law that allowed financial services companies to offer both commercial and investment banking, something that had been banned since the Great Depression. It has an infosec reach that goes...

Load More
You Might Also Like