GDPR Advice

GDPR and Medical Devices

The EU’s General Data Protection Regulation (GDPR) became enforceable on May 25, 2018, as did financial penalties for breaching the legislation. Mainly, GDPR is applicable to the back end workings of medical devices there is also […]

HIPAA Updates

25,148 Patients Impacted in Ransomware Attack on the Southeastern Council on Alcoholism and Drug Dependence

A ransomware attack has resulted in widespread file encryption at the Southeastern Council on Alcoholism and Drug Dependence (SCADD) in Lebanon, CT. The attack was discovered on February 18, 2019 when problems started to be […]


50% of US Organizations Not Prepared for CCPA

According to a report released by the International Association of Privacy Professionals (IAPP) and OneTrust, prior to the California Consumer Privacy Act (CCPA) becoming enforceable on  January 1, 2020, nearly 50% of all companies will […]

GDPR Advice

GDPR and Data Minimization

Data minimization is one of the chief principles of the European Union’s General Data Protection Regulation (GDPR) which states that data processing should only use as much data as is required to complete as assigned […]


Social Media Rules for HIPAA Compliance

HIPAA was enacted several years prior to social media networks such as Facebook being established, so there are no dedicated HIPAA social media rules; however, there are HIPAA laws and standards that apply to social […]


Six Recommendations on Privacy Policies Released by Dutch DPA Following Investigation

Autoriteit Persoonsgegevens, the Dutch Data Protection Authority (DPA),  has published six recommendations for companies operating in the Netherlands. The agency says that these guidelines should be considered when drafting privacy policies. The Dutch DPA recommends […]


Healthcare Associations ask for Leniency for Breached Entities that Implement Cybersecurity Best Practices

Several healthcare groups have asked for leniency to be shown for healthcare organizations that would mean avoiding financial penalties for breaches of protected health information if the breached entity that has implemented certain standards for […]

HIPAA Advice

How to Manage Your HIPAA Password Requirements

HIPAA password requirements state that procedures must be implemented for creating, changing and securing passwords unless a different, equally-effective security measure is chosen. The password requirements under HIPAA are available the Administrative Safeguards of the […]


CCAP and Cybersecurity

The General Data Protection Regulation (GDPR) introduced new standards for data protection in Europe. Introduced in May 2018, GDPR changed the way that businesses handle collect, handle, and process consumer data. The regulations also granted […]


Are you ready for CCPA?

The California Consumer Protection Act (CCPA) is due to become enforceable on January 1, 2020. Corporations, government agencies and other groups will be using 2019 to prepare for the new legislation. The proposed legislation allows […]


CCAP Requirements

The Californian Consumer Privacy Act (CCPA) was signed into law in June 2018. Many data privacy experts have compared CCPA to Europe’s latest data protection legislation, the General Data Protection Regulations (GDPR). Much like GDPR, […]