February 19, 2019
GDPR, effort, sensitive data subjects, overview, database, management

The Evolving Levels of Effort

Many years ago, in order to clean a used shirt, people would take a basket down to the river and let the flowing water soak through it. They would then hang it on a rock, and let the sun take care of the drying. At a later stage, when soap was invented, they would spread […]
January 15, 2019
Daniel Zacks, data privacy, GDPR compliance, CCPA, Personal Data Discovery, GDPR

C is For Cookie and Compliance

I was checking out a certain website the other night (which I won’t call out here) when a peculiar message popped up. I’ve noticed many different layouts and versions of “Our website uses third-party tracking and cookies, to learn about it click here”, but this one was in its own category. The main message of […]
December 27, 2018
data privacy, GDPR compliance, CCPA, Personal Data Discovery, password, account, hack

Does ISO 27001 Certification Give You Immunity From GDPR Fines?

I was actually chuckling to myself as I wrote that title because I know you were thinking [the equivalent of] one of the following as you clicked on the link: If you have not read the GDPR: “That would be awesome!” If you have read the GDPR: “Don’t be so bloody stupid.” No, of course ISO 27001 certification won’t give you […]
December 10, 2018
data privacy, GDPR compliance, CCPA, Personal Data Discovery, password, account, hack, health

Privacy Shield Does NOT Equal GDPR Compliance

Once again, I will begin this blog with the caveat that I am NOT a privacy expert. However, even a single reading, some brief research, and little common sense makes it clear that Privacy Shield is more about keeping US-EU business moving than it is protecting the rights of data subjects. At least from the […]