The General Data Protection Regulation (GDPR) has fundamentally changed how organizations do business in the European Union. It isn’t enough to undergo audits or meet arbitrary security requirements. Like many high-stakes security contexts, GDPR requires a company to dedicate significant time to maintaining data privacy, cybersecurity and consumer rights. 

To help address high-risk data processing situations, GDPR may require your business to complete a Data Protection Impact Assessment or a DPIA. For many companies, these are not optional so we will cover the details in this article. 

Read More

Data privacy and protection are critical parts of any compliance framework, and few regulatory bodies take that fact more seriously than the General Data Protection Regulation, or GDPR. A law passed in the European Union in 2018, GDPR attempts to address core issues of how businesses can gather, use and manage customer data as part of their business operations without violating the rights of those customers. 

While some businesses in the U.S. may not see much value in understanding GDPR, those serving EU customers are wise to better grasp the intricacies of the law and how it will impact their work in Europe. 

Read More

A Data Protection Impact Assessment (DPIA) is a process to help you identify and minimize the data protection risks of a project. The DPIA is an ongoing process, regularly applied to personal data processing, identifying, and mitigating risks. The DPIA is a part of the European Union (EU) General Data Protection Regulation (GDPR) compliance activities.

Read More