Data Privacy

TPRM Implications Privacy Shield Changes

by Linnea Solem | August 5, 2020 | Data & Cybersecurity, Data Protection, General Data Protection Regulation (GDPR), Public Policy

This post reviews TPRM implications of Privacy Shield changes. Privacy, Surveillance, and Data Transfers to the United States are hitting the headlines in privacy and security circles. The C-Suite may be hearing about “Schrems II” and wonder what the hoopla is all about. Let's start at the be ....


Charting Your Course in Data Privacy: Implications for Third Party Risk Management Programs

by Sabine Zimmer | April 13, 2020 | California Consumer Privacy Act (CCPA), Data & Cybersecurity, General Data Protection Regulation (GDPR), Privacy, Public Policy

Regulations like the California Consumer Privacy Act (CCPA) and the General Data Protection Regulation (GDPR) have triggered a convergence of third party risk management and data privacy.  The complexity of navigating the nuances of each regulation and the operational challenges for third party rel ....


Happy One Year GDPR Enforcement Day

by Sabine Zimmer | May 21, 2019 | General Data Protection Regulation (GDPR), Public Policy

It’s hard to believe it’s been one year since the GDPR enforcement took effect (May 25, 2018). For many, the honeymoon (or “honeydo”) hasn’t quite worn off yet, as organizations are  still trying to ensure they meet some level of conformity to the most encompassing privacy regulation to d ....

Evaluation of Corporate Compliance Programs

Exercising Good Privacy and Compliance Judgement

by Sabine Zimmer | February 13, 2019 | California Consumer Privacy Act (CCPA), General Data Protection Regulation (GDPR), Public Policy

Santa Fe Group Third Party Risk expert, Tom Garrubba, recently contributed to Corporate Compliance Insights for his take on the recently released Cisco Data Privacy Benchmark Study Read the full article. Those of us in the privacy profession knew it was only a matter of time that privacy-mind ....

General Data Protection (GDPR)

European Invasion? Congressional Hearings Suggest need for U.S. Version of GDPR

by Sabine Zimmer | November 13, 2018 | California Consumer Privacy Act (CCPA), Data, Data & Cybersecurity, General Data Protection Regulation (GDPR), Privacy, Public Policy

Might the U.S take a page from the European Union’s (E.U.) data privacy playbook? Could the California Privacy Act spread to the rest of the country? These possibilities were on the minds of participants in recent Congressional hearings concerning data privacy. The European Union’s (EU’s) G ....

Framework for Managing Third Party Reputation Risk

Expect the Unexpected: 5 Keys to Managing Third Party GDPR Risk

by Sabine Zimmer | August 31, 2018 | General Data Protection Regulation (GDPR), Public Policy

As the European Union’s (EU’s) General Data Protection Regulation (GDPR) May 25 effective date approached this spring, its sweeping compliance requirements socked U.S. companies with major surprises. The regulation’s global jurisdictional reach, EU-specific definition of “sensitive data,” ....

Next Page »