This guidance from the California Attorney General Kamala Harris aims to help California businesses protect against and respond to malware, data breaches and other cyber-incidents.
This guide, prepared by the Office of the Australian Information Commissioner, provides a ten-step process to assist public and private organizations in undertaking a PIA.
In this white paper, David Wright of Trilateral Research & Consulting offers a 16-step methodology to help make privacy impact assessments meaningful and effective, including consulting with stakeholders, agreeing on a budget for the PIA and publishing it on the organization’s website.
The U.S. Department of Congress released this guidance to offer insight on the International Trade Administration's process of reviewing Safe Harbor certifications, including what it looks for and the process that occurs if elements of the certification are missing.
Many privacy laws contain employee training requirements. In this resource, Teach Privacy outlines these requirements in HIPAA, GLBA, PCI-DSS, FACTA, FISMA, Texas Health Privacy Law, Massachusetts Data Security Law, EU-US Safe Harbor Arrangement, ISO/IEC 27002 and Canada’s PIPEDA.
The goal of this referential is to serve as an informal pragmatic checklist for organizations applying for authorization of Binding Corporate Rules and/or certification of Cross-Border Privacy Rules. It thereby facilitates the design and adoption of personal data protection policies compliant with each of the systems.
The U.S. National Institute of Standards and Technology created this framework as required under an executive order from the Obama Administration. This final version includes standards, procedures and processes for reducing cyber risks to critical infrastructure.
The Treasury Board of Canada Secretariat has developed guidance documents related to outsourcing for federal organizations, including the sharing of personal data, making contract decisions and addressing concerns about the USA PATRIOT Act.
Dr. Breach is at it again! This time he's using spear phishing campaigns to try and steal credit card information... until Prudence the Privacy Pro and Opt Out get wind of his evil plot.
Subscribers to the IAPP Privacy List offered up some fun ideas for ways to celebrate Data Privacy Day. While these suggestions are particularly appropriate on January 28, they can be implemented at any time of the year to promote the importance of privacy in your organization.
DLA Piper has created version 3.0 of its online and interactive guidebook of the world’s data protection laws and regulations. The tool offers each country’s law, regulator contact information and specifics on how it regulates anything from infosecurity to breaches to electronic marketing. It’s also possible to set two countries side by side and compare the way they regulate data protection.
World Law Group has created this guide to provide a brief overview of legislation governing data breach notification requirements in jurisdictions across the globe.
This guidance from the UK Information Commissioner’s Office explores what you need to consider if permitting the use of personal devices to process personal data for which you are responsible.
This tool is the product of the Accountability Project’s fourth year and responds to the need for a practical means to help organizations implement and evaluate the programs and practices necessary to establish accountability for responsible data protection.
This document from the Federal CIO Council Privacy Committee serves as a best practices guide to help federal organizations implement and sustain privacy awareness and stewardship. It can be integrated into any government organizational level–department, component, office or program–responsible or accountable for privacy. The seven elements described in this document provide the basis for a robust federal privacy program. (June 2010)