TrustArc Blog

One Week to Go: Are you Ready for May 25th? – Webinar Recap

May 22, 2018

As part of the TrustArc Privacy Insight Series Webinars, Paul Iagnocco, Consulting Director & Senior Privacy Consultant at TrustArc, presented “One Week to Go: Are you Ready for May 25th?”  This blog post will give a brief summary of that webinar; you can listen to the entire webinar and download the slides here. In this webinar Paul addressed the questions companies are facing  as the May 25th GDPR deadline approaches: Is my company compliant? What if we are not 100% compliant? What happens next?  This webinar focused on four main areas as they apply to the GDPR: compliance status, enforcement, … Continue reading One Week to Go: Are you Ready for May 25th? – Webinar Recap

GDPR Compliance – Consent Requirements under the GDPR – Marketing Activities

May 04, 2018

Companies that must comply with the GDPR should take a close look at their marketing processes to ensure that they will meet GDPR requirements. The following three examples are key places where most companies should take another look at their processes with regard to GDPR consent requirements. Marketing Outreach Email Programs Most companies’ marketing departments have outreach programs where a large database of clients and prospects are sent emails with information about new products or services. If individuals have unsubscribed, opted out, or otherwise indicated their desire that your organization stop using their personal information, your organization may not contact … Continue reading GDPR Compliance – Consent Requirements under the GDPR – Marketing Activities

72 Hours Notice: GDPR Incident Response Management – Webinar Recap

April 20, 2018

As part of the TrustArc Privacy Insight Series Webinars, Ashley Slavik, Senior Counsel & Data Protection Officer, Veeva Systems Inc. and K Royal, Consulting Director, TrustArc, discussed how companies can plan for and respond to a data breach in compliance with the GDPR. Ashley and K gave best practices, suggested tools, and tips for addressing GDPR Article 33 and Article 34. This blog post will give a brief summary; you can listen to the entire webinar and download the slides here. Before going into data breach requirement details, our speakers discussed the different notification requirements for Controllers and Processors and gave examples … Continue reading 72 Hours Notice: GDPR Incident Response Management – Webinar Recap

How the GDPR will Affect Your Marketing Program

March 06, 2018

Our recent webinar “Marketing Under the GDPR” covered GDPR’s impact upon marketing activities. The webinar generated a lot of questions, and we are sharing five of them, along with answers prepared by TrustArc privacy experts. This blog post is intended as a general overview of the subject and cannot be regarded as legal advice. Consent and Marketing Under the GDPR Can my company capture consent in exchange for content? For example, collecting an email address to download a white paper or register for a webinar? Yes, but organizations must clearly state at the time of information collection what the specific … Continue reading How the GDPR will Affect Your Marketing Program

TrustArc Sponsors the EU Cloud Code of Conduct in Support of GDPR Compliance

March 05, 2018

TrustArc is honored to join with Google Cloud and Cisco as new industry sponsors of the EU Cloud Code of Conduct (EU Cloud CoC) as members of its General Assembly, working together with founding members Alibaba Cloud, Fabasoft, IBM, Oracle, Salesforce and SAP. Article 40 of the GDPR recommends Codes of Conduct for applying GDPR in specific sectors and contexts, and as the May 25, 2018 GDPR compliance deadline approaches, companies depending on GDPR-compliant SaaS, PaaS and IaaS platforms will be able to rely on the EU Cloud Code of Conduct (EU Cloud CoC). In a press release announcing the … Continue reading TrustArc Sponsors the EU Cloud Code of Conduct in Support of GDPR Compliance

What’s In Store for 2018? GDPR, Breaches and Stolen Retinas

January 16, 2018

By Darren Abernethy,  Senior Global Privacy Manager, J.D., FIP, CIPP-A/C/E/M/US/T    This year, the upcoming GDPR deadline has consumed the enterprise security and privacy agenda as companies scramble to adopt new technologies and processes in order to become compliant by May 25, 2018. Virtually every survey gauging the readiness of privacy professionals in both the U.S and in Europe has revealed that for many companies, it is going to be a challenge to comply. For example, failure to comply with the GDPR 72-hour breach notification rule is deemed the riskiest by respondents on both sides of the Atlantic, and more than 80% of US … Continue reading What’s In Store for 2018? GDPR, Breaches and Stolen Retinas