Technology and other firms that supply goods and services in the data privacy field offer a broad range of assistance to businesses, non-profits and governmental organizations. Services of PrivacyRules firms include data mapping, impact assessments, data storage, training, data protection planning, cybersecurity and other tools to comply with the complicated demands of global compliance, as well as services to deal with data breaches and disputes arising from data breaches and claims of non-compliance with data protection laws.
Secure Communications and Anonymizing Services
This category refers to companies that provide services that allow the consumer to communicate via secure and anonymous methods.
Data Management and Storage
This category describes companies that specialize in the storage and protection of at rest data. At rest data refers to data that is currently physically stored in any digital format.
Disaster Recovery, Physical Data Recovery, and Data Breach Services
This very broad category describes companies that provide assistance with the implementation, installation, design, and remediation of tech services and systems.
IT Consultancy Services
IT consulting involves a 3rd party advising on IT related decisions, and often they offer solutions and services to aid you in your IT goals. Companies that fall under this category provide a litany of IT support services including IT outsourcing and infrastructure services, which involve a 3rd party managing your actual network services.
Security Software and Hardware
This category refers to companies that specialize in the production and sale of both security hardware and software.
Our network is based on the spirit of close cooperation with the IT Industry as crucial players in the circulation of data. Privacy is diverse from the subjects it refers to, the various stakeholders involved in the origination, processing, and data storage to all facets of flow and processes. The underlying component and requirement is that the majority of data is filtered and facilitated through technology. For this reason, PrivacyRules welcomes a collaborative partnership within the IT Industry for mutual success.
While Data Protection Officers and in-house experts can increase in number, capabilities, and areas of awareness, the diversity of data privacy and data circulation needs to involve the talent of specialized knowledge that only the IT Industry encompasses.
PrivacyRules endeavors a hybrid approach when dealing with privacy, which merges legal and technology to offer the broadest range of services to its Members, clients, subscribers and customers.
What, where, and why the need to cooperate with the IT Industry? Below are few examples. Who, when, and how to do so? You can immediately find the necessary qualified and reliable support through PrivacyRules!
Progress Audit: Integrated Case Management Systems
In February of 2017, British Columbia's auditor general Carol Bellringer published a follow-up report to a 2015 audit of the $182-million Integrated Case Management System used by the Ministry of Social Development and Social Innovation. The audit highlighted faults in privacy security related to social programs including child protection, child-care subsidies and income assistance. While the government has made "significant effort" to improve the system, work is still to be done. Read more here
Yahoo Verizon Deal, A Lesson on Risk
Yahoo pays a high price for the data breach it suffered in 2014, in terms of market value. The damage is worth $350 million in the negotiations to complete the sale of Yahoo’s core operations to Verizon, an overall deal that will still value more than $4 billion but now reduced of $350 million from the initial deal. Additionally, reports indicate that Verizon has requested Yahoo to share liability for any damages that result from government investigations or other litigation. This will create additional stress on the Company, which has already suffered the erosion of customers’ confidence and the risk of expensive sanctions and litigation. Read more here
When Phishing Attacks and The Increase of Cyber Threats
The Italian Association for IT Security (CLUSIT) released its 2016 report on 22.02.2017, which indicated that 2016 was “the worst year ever in terms of the evolution of the cyber threat and the relative impact”. CLUSIT reports that in 2016, phishing attacks increased to a rate of 1,166% with respect to the previous year. The report states that the highest increase was registered in the health sector (+ 102% over 2015), large-scale retail (+ 70% over 2015), and banking and finance (+ 64% over 2015). Further info at: https://clusit.it/
How Much Time Do We Really Have After a Data Breach?
The United States Federal Trade Commission (FTC) published a consumer information in May 2017, on how quickly identify thieves utilize stolen information. The consumer information, authored by the FTC Consumer Education Specialist Ari Lazarus, shed light on what happens when an individual or a company is affected by a data breach, or the hacking or stealing of information. The research saw the FTC experts leaking a fake database with information of 100 individuals. As soon as info related to the database was posted on a popular hackers’ forum, hackers managed to access and use the stolen fake information in just nine minutes. They then attempted to use the stolen information more than 1,200 times. Access the FTC consumer information and related articles here
When Target Became the Target
In May of 2017, the retail giant Target agreed to pay a multistate settlement of $ 18.5 million, one of the largest data breach settlement agreements to date, in an effort to close the state investigation over the 2013 cyberattack that affected the payment records of over 70 million customers. The investigation involved 47 U.S. and the District of Columbia. The hackers accessed Target’s computer gateway through the credentials of a third-party vendor, installing malware that stole sensitive data such as names, email addresses, phone numbers, credit and payment card numbers along with verification codes. The terms of the settlement instigated the retailer to introduce a series of measures and procedures to enhance the security of its systems and data treatment. Find the text of the Assurance of Voluntary Compliance here