data security

The Federal Trade Commission posted a reminder Monday of its “new and improved” data security orders, which compliance and risk professionals might want to read for its lessons about cybersecurity oversight and compliance generally.  The statement, published on the FTC Business Blog, reviews several changes the FTC made last year to its data security orders.…

Read More
third-party

Another year, another report confirming what most compliance and IT security officers already know: third-party vendors are an enormous security and privacy risk, and oversight of those parties is a mess. That’s the message of a report released Thursday by Opus and the Ponemon Institute, which surveyed more than 1,000 IT and data security professionals…

Read More
breach

You gotta give Google credit. Only that outfit, with perhaps the most intellectually talented employees in Corporate America today, could come up with a data breach so maddening and thought-provoking for corporate compliance officers. The breach was discovered last March. A glitch in the Google+ social media network had exposed the personal data for nearly…

Read More
data security

The Treasury Department came out swinging Tuesday in favor of a national data breach law and a light regulatory touch for “fintech firms” swarming into the banking and compliance worlds. Those were two among more than 80 recommendations contained in a 200-page report from the Treasury Department looking at fintech and nonbank financial firms. The…

Read More
data security

Good news, kinda sorta, for healthcare compliance professionals worried about data breaches: the total number of reported breaches fell last year, as did the number of patient records exposed; and the portion of breaches caused by accidental disclosure or lost devices fell, too. Taken altogether, one might even say that all those data privacy efforts…

Read More