
Cybersecurity in the Golden State

This guidance from the California Attorney General Kamala Harris aims to help California businesses protect against and respond to malware, data breaches and other cyber-incidents.

Guide to Undertaking Privacy Impact Assessments

This guide, prepared by the Office of the Australian Information Commissioner, provides a ten-step process to assist public and private organizations in undertaking a PIA.

Making Privacy Impact Assessment More Effective

In this white paper, David Wright of Trilateral Research & Consulting offers a 16-step methodology to help make privacy impact assessments meaningful and effective, including consulting with stakeholders, agreeing on a budget for the PIA and publishing it on the organization’s website.

U.S. Department of Commerce Safe Harbor Certification Review Process

The U.S. Department of Commerce released this guidance to offer insight on the International Trade Administration's process of reviewing Safe Harbor certifications, including what it looks for and the process that occurs if elements of the certification are missing.

Privacy and Data Security Training Requirements

Many privacy laws contain employee training requirements. In this resource, Teach Privacy outlines these requirements in HIPAA, GLBA, PCI-DSS, FACTA, FISMA, Texas Health Privacy Law, Massachusetts Data Security Law, EU-US Safe Harbor Arrangement, ISO/IEC 27002 and Canada’s PIPEDA.

Referential BCR CBPR Requirements

The goal of this referential is to serve as an informal pragmatic checklist for organizations applying for authorization of Binding Corporate Rules and/or certification of Cross-Border Privacy Rules. It thereby facilitates the design and adoption of personal data protection policies compliant with each of the systems.

Framework for Improving Critical Infrastructure Cybersecurity

The U.S. National Institute of Standards and Technology created this framework as required under an executive order from the Obama Administration. This final version includes standards, procedures and processes for reducing cyber risks to critical infrastructure.

Guidelines for Processing Personal Data Across Borders—Private Entities

The Office of the Privacy Commissioner of Canada has offered this guidance for private entities to explain how the Personal Information Protection and Electronic Documents Act applies to transfers of personal information to a third party, including a third party operating outside of Canada, for processing.

Prudence the Privacy Pro, Vol. 1, No. 4

Dr. Breach is at it again! This time he's using spear phishing campaigns to try and steal credit card information... until Prudence the Privacy Pro and Opt Out get wind of his evil plot.

Celebrate Privacy and Improve Awareness

Subscribers to the IAPP Privacy List offered up some fun ideas for ways to celebrate Data Privacy Day. While these suggestions are particularly appropriate on January 28, they can be implemented at any time of the year to promote the importance of privacy in your organization.

DLA Piper Data Protection Handbook

DLA Piper has created version 3.0 of its online and interactive guidebook of the world’s data protection laws and regulations. The tool offers each country’s law, regulator contact information and specifics on how it regulates anything from infosecurity to breaches to electronic marketing. It’s also possible to set two countries side by side and compare the way they regulate data protection.

Global Guide to Data Breach Notifications, 2013

World Law Group has created this guide to provide a brief overview of legislation governing data breach notification requirements in jurisdictions across the globe.

Bring Your Own Device Guidance

This guidance from the UK Information Commissioner’s Office explores what you need to consider if permitting the use of personal devices to process personal data for which you are responsible.

Self-Assessment of a Comprehensive Privacy Programme: A Tool for Practitioners

This tool is the product of the Accountability Project’s fourth year and responds to the need for a practical means to help organizations implement and evaluate the programs and practices necessary to establish accountability for responsible data protection.

Privacy 101 for SMEs: The Best Defense is a Good Offense

In this practical whitepaper, Omer Tene and Marc Groman, CIPP/US, offer tips to help small businesses safeguard consumer data, build trust and “avoid boosting newspaper sales with sensationalist business titles.”
