Three best practices for data discovery

Data discovery and automated data classification are incredibly important to businesses, especially as upcoming regulations like Europe’s General Data Protection Regulation (GDPR) and Australia’s Notifiable Data Breach (NDB) scheme mandate that organizations must know where regulated data resides and are appropriately managing access to and use of it, at all times. Continuous understanding of what […]

Read More

GDPR makes HIPAA and PCI fines look cute

If you think fines for non-compliance with HIPAA or PCI DSS are scary, GDPR will really blow your mind. Non-compliance with the GDPR can result in fines of up to €20MM or 4% of annual revenues, whichever is higher. Imagine a fictitious company, Karaleebro, that has $28B in annual revenues – most of it derived […]

Read More

The backdoor to GDPR violations

By now you’ve heard about the General Data Protection Regulation (GDPR), the new European Union privacy regulation. The goal of GDPR is to protect the privacy of personal data given the rapidly increasing collection, analysis, storage and sharing of personal information. To meet the goal for strong protection of personal data, some businesses will focus […]

Read More

Unstructured Data and GDPR

By now you’ve heard about the General Data Protection Regulation (GDPR), the new European Union privacy regulation. The goal of GDPR is to protect the privacy of personal data given the rapidly increasing collection, analysis, storage, and sharing of personal data. In order to meet the goal of strong protection of personal data, businesses will […]

Read More

Encryption, GDPR, EAR, and HIPAA Compliance

What do GDPR, HIPAA/HITECH, and EAR all have in common? Each of these regulations specifically mention the use of encryption as a means for “safe harbor” but only if the encryption prevents an unauthorized user from accessing the data in the clear. Even the authors of PCI DSS have dipped their toes in these waters […]

Read More