TrustArc Blog

How to Prepare for the California Consumer Privacy Act “Look Back” Requirement

November 15, 2018

The California Consumer Privacy Act (CCPA) will be effective January 1, 2020, but the 12-month “look back” requirement means that companies will need records of personal information collected dating back 12 months before January 1, 2020, which is January 1, 2019. While January 2020 seems far away, creating and maintaining data inventories and flows beginning January 2019 to meet the “look back” requirement will take time. With less than two months to go, companies should secure a budget, develop a process, and evaluate tools to help implement the process. The budget should take into account supplying your team with the … Continue reading How to Prepare for the California Consumer Privacy Act “Look Back” Requirement

TrustArc Announces New Privacy Platform Enhancements

November 01, 2018

TrustArc has announced several exciting enhancements to our Privacy Platform! These new capabilities will help companies better manage their privacy programs. The Privacy Platform helps provide end to end privacy management through a series of modules designed to address a wide range of privacy functions, including data inventory and mapping; privacy risk assessments; consent management; and individual rights and data subject rights requests. The new privacy assessments include:        Inherent Risk        DPIA Controls        Consent        Legitimate Interests        Right to Object        Third Party Risk        International Data Transfer        Automated Decision Making These new assessments feature a revolutionary modular design that intelligently matches the assessments … Continue reading TrustArc Announces New Privacy Platform Enhancements

How to Maintain a Data Inventory for GDPR Compliance – Tips from TrustArc Privacy Experts

August 22, 2018

Now that the GDPR has been in effect for a few months, it is a good time to evaluate your processes and procedures put in place prior to the deadline. Although May 25th has passed, companies still need to be compliant every day after. A fundamental key to staying compliant is introducing a regular review process. As a reminder, Article 30 requires companies to produce “records of processing activities”, which will allow regulators to see that companies are adhering to the GDPR. With this goal in mind, the records should show why and how the data is being processed. A … Continue reading How to Maintain a Data Inventory for GDPR Compliance – Tips from TrustArc Privacy Experts

New Analyst Report on Using Technology Platforms to Manage Privacy

August 17, 2018

Michael Rasmussen of GRC 20/20 Research has been noted as the “Father of Governance, Risk, and Compliance (GRC)” – being the first to define and model the GRC market in 2002 while at Forrester. In this new report, he explores the challenges organizations face when complying with privacy regulations such as the EU GDPR. Privacy is a highly dynamic, moving target that requires compliance management to identify and mitigate the compliance, brand, and business risks associated with processing personal data. Accordingly, organizations need an integrated collaborative process and technology architecture that can span distributed privacy and business functions. They also … Continue reading New Analyst Report on Using Technology Platforms to Manage Privacy

Privacy Shield Program Continues to Demonstrate High Interest

August 09, 2018

The U.S. Department of Commerce recently issued a communication highlighting the growing industry interest in participating in both EU-U.S. and Swiss-U.S. Privacy Shield certification programs. There are currently over 3,300 organizations in the program and over 1,000 more who have submitted their first time certification applications in recent months – which will likely bring the number of participants to over 4,000. Dave Deasy, SVP Marketing at TrustArc, commented “we are continuing to see high interest in Privacy Shield from companies of all sizes to ensure they can demonstrate a high commitment to privacy for international data transfers.  This is consistent … Continue reading Privacy Shield Program Continues to Demonstrate High Interest

IAPP & TrustArc Research: Part IV – Privacy has a Strong Influence on Purchase Decisions

July 27, 2018

Part I of this blog post series discussed background, goals, and research methodology of the research report: How Privacy Tech is Bought and Deployed. Part II illustrated how Privacy Tech Adoption has reached the tipping point: based on purchase plans, it is projected that companies will adopt privacy technology in eight of the ten privacy technology categories. Part III highlighted some interesting data from the report that shows what the three fastest growing solutions are: data mapping, assessment management, and data discovery. Part IV will discuss an interesting finding in the research: that privacy has a strong influence on purchase … Continue reading IAPP & TrustArc Research: Part IV – Privacy has a Strong Influence on Purchase Decisions