Charting Your Course in Data Privacy: Implications for Third Party Risk Management Programs

by Sabine Zimmer | April 13, 2020 | California Consumer Privacy Act (CCPA), Data & Cybersecurity, General Data Protection Regulation (GDPR), Privacy, Public Policy

Regulations like the California Consumer Privacy Act (CCPA) and the General Data Protection Regulation (GDPR) have triggered a convergence of third party risk management and data privacy.  The complexity of navigating the nuances of each regulation and the operational challenges for third party rel ....

legal digital

Are We Heading Back to School for Privacy Changes?

by Sabine Zimmer | September 10, 2019 | California Consumer Privacy Act (CCPA), Data Protection, Public Policy

Seasons change and priorities change as we exit the dog days of summer and head into back to school timelines and waning days remaining of legislative sessions. This past month Shared Assessments Program Advisory Board Members and Steering Committee Members facilitated three separate educational eve ....

bucket connecteddevices

If Left to Our Own Devices… What the New CCPA Regulations Mean to Risk Management

by Sabine Zimmer | March 14, 2019 | California Consumer Privacy Act (CCPA), Public Policy

These days everything’s connected through the Internet, that constantly growing and evolving massive communications network. More and more devices are being connected (75 billion or so by 2025), forming a complex interrelated platform or ecosystem commonly referred to as the Internet of Things (Io ....

officepic shutterstock

Exercising Good Privacy and Compliance Judgement

by Sabine Zimmer | February 13, 2019 | California Consumer Privacy Act (CCPA), General Data Protection Regulation (GDPR), Public Policy

Santa Fe Group Third Party Risk expert, Tom Garrubba, recently contributed to Corporate Compliance Insights for his take on the recently released Cisco Data Privacy Benchmark Study Read the full article. Those of us in the privacy profession knew it was only a matter of time that privacy-mind ....


European Invasion? Congressional Hearings Suggest need for U.S. Version of GDPR

by Sabine Zimmer | November 13, 2018 | California Consumer Privacy Act (CCPA), Data, Data & Cybersecurity, General Data Protection Regulation (GDPR), Privacy, Public Policy

Might the U.S take a page from the European Union’s (E.U.) data privacy playbook? Could the California Privacy Act spread to the rest of the country? These possibilities were on the minds of participants in recent Congressional hearings concerning data privacy. The European Union’s (EU’s) G ....

LA skyline

Going Back 2 Cali: The Golden State Passes Two New Data Privacy/Security Laws

by Sabine Zimmer | October 26, 2018 | California Consumer Privacy Act (CCPA), Cybersecurity, Data & Cybersecurity, Internet of Things (IoT), Privacy, Public Policy, Regulations, Regulatory Requirements

The California State Legislature recently completed a data privacy/data security two-step by passing two new laws with significant third party risk management implications for a broad collection of companies. In late September, California enacted what some are referring to as the country’s firs ....