Google GDPR fines and the training implications

Just last week, Google was fined €50m, or over $57 million, by the Commission Nationale de l’Informatique et des Libertés (CNIL), the French Data Protection Authority, for violating the General Data Protection Regulation (GDPR). The case makes it apparent that organizations must make GDPR compliance a priority. In two separate complaints, pressure groups, None of Your...

Facebook: why data privacy matters

In the midst of posting your name, pictures, and background on social media sites, did you ever consider who your information reaches, beyond your family and friends? Just last week I posted a picture on my Facebook account. It was a picture of my childhood dog and me. I posted the old photo with the...

Four Principles for Effective Training Systems

By Matt Kelly – a long-time writer and observer of the corporate compliance and GRC scene. Matt runs Radical Compliance, a website and newsletter devoted to corporate compliance, audit, and risk management issues that he launched in 2016. He has been working to make the GRC world a better place ever since...

GDPR Miniseries: Top 5 Things for HR in Relation to GDPR

As a human resources (HR) professional, you may be groaning at the thought of more required compliance measures. But no one said this would be easy. Some changes are worth the trouble and the GDPR is among those. Plus, noncompliance can be awfully pricey. Companies charged with violating the GDPR face a potential fine of...

GDPR Miniseries: Top 5 Things for Marketing in Relation to GDPR

“The right to be forgotten” isn’t just another way to describe ghosting, a practice popular in dating and social circles where uninterested parties disappear without a trace. The right to be forgotten gives individuals the right to have personal data removed or erased from company servers storing their data. The right to be forgotten is...

GDPR miniseries: Top 5 Things for the IT Department in Relation to the GDPR

In September 2016, Yahoo was poised to be acquired by Verizon when it announced it had suffered the biggest data breach in history in 2014. Later the company estimated that 3 billion user accounts had been compromised. The buy-out went through, but the breach knocked approximately $350 million off Yahoo’s sale price. This is an...

GDPR Miniseries: Top 5 Things for Supply Chains in Relation to GDPR

The General Data Protection Regulation (GDPR) is in full swing. Do you know how your supply chain is managing your company’s personal data? Are they fully compliant with the GDPR? If you answered “yes” to these questions, you can rest easily at night. If not, your company may be at risk of a data breach,...

GDPR Miniseries: Top 5 Things for Procurement in Relation to GDPR

Did you know that if any third-party vendor your company uses is not compliant with the General Data Protection Regulation (GDPR), you could be held liable for their actions? And even if you aren’t, your company’s reputation could suffer if a data breach occurs. The case for complying with GDPR is indisputable—the penalties are hefty...

What’s Next for GDPR and GDPR Training

Despite the hype around GDPR in May of this year, when the EU’s new General Data Protection Legislation came into effect, many companies still do not have a robust GDPR programme or sufficient protection measures and processes in place. As Jonathan Armstrong of compliance lawyers Cordery explained to Interactive Services, “I think there have been...

Are Data Privacy and GDPR the Same Thing?

As you may already know, one of the biggest changes to EU data protection rules is coming into effect on May 25, 2018. The General Data Protection Regulation (GDPR) is a wide-ranging set of rules you must follow when collecting, processing, and storing an individual’s personal data. Some of its key aims are to strengthen...