TrustArc Blog

TrustArc Participates at California Lawyers Association IP Institute

November 13, 2018

On November 8th in sunny San Jose, TrustArc was pleased to take part in the California Lawyers Association’s annual IP Institute. Speaking on a panel entitled “GDPR: Lessons Learned from the Front Line,” TrustArc shared tips and insights both for organizations still working towards GDPR compliance, and for those seeking to take their privacy programs to the next level, including for interoperability with other global privacy laws and frameworks. Not lost in the discussion was the fact that many law firms, of all sizes, are likewise still looking to their own GDPR/privacy compliance, which is critical to their being viewed …

TrustArc Announces New Privacy Platform Enhancements

November 01, 2018

TrustArc has announced several exciting enhancements to our Privacy Platform! These new capabilities will help companies better manage their privacy programs. The Privacy Platform helps provide end-to-end privacy management through a series of modules designed to address a wide range of privacy functions, including data inventory and mapping; privacy risk assessments; consent management; and individual rights and data subject rights requests. The new privacy assessments include: Inherent Risk, DPIA Controls, Consent, Legitimate Interests, Right to Object, Third Party Risk, International Data Transfer, and Automated Decision Making. These new assessments feature a revolutionary modular design that intelligently matches the assessments …

GDPR: DPIAs & Risk

July 26, 2017

TrustArc Chief Data Governance Officer and General Counsel Hilary Wandall and Information Accountability Foundation (IAF) Executive Director and Chief Strategist Marty Abrams held a webinar where they spoke about the background, requirements, and examples of DPIAs, available on demand here. First, they reviewed how the first privacy assessment methodology was developed and how comprehensive data impact assessments originated to illustrate the evolution of privacy assessments. Then, they went on to explain how the newly required DPIAs differ from traditional PIAs. While traditional PIAs focus on technical requirements for compliance, DPIAs bring in larger ethical issues. Technical requirements focus on …

1 Year Until EU GDPR Enforcement Begins

May 25, 2017

EU General Data Protection Regulation (GDPR)

The EU GDPR is a law designed to enhance data protection for EU residents and provide a consolidated framework to guide business usage of personal data across the EU, replacing the patchwork of existing regulations and frameworks. The 200-plus page GDPR replaces the 20-year-old Directive (95/46/EC). This new law has received a lot of attention due to its complexity and the associated penalties for noncompliance. Fines can be up to 20,000,000 EUR or 4% of total worldwide annual turnover of the preceding year (whichever is higher). As a result, many organizations are …

What you Need to Know About the GDPR: Practical Steps to Address GDPR Compliance

May 09, 2017

While some organizations have written about the impending GDPR deadline and potential fines, or re-printed an exact copy of the text itself, TRUSTe has taken the 200+ pages of the GDPR and translated it into practical implementation steps for an organization of any size or maturity. The implementation steps are grouped into five actionable phases: Building a Program and Team; Assessing Risks and Creating Awareness; Designing and Implementing Operational Controls; Managing and Enhancing Controls; and Demonstrating Ongoing Compliance. A sample implementation step is developing a DPIA program, which includes creating templates, conducting DPIAs, managing remediation, and providing compliance reports. The guide also …

May Event Spotlight: IAPP Canada, GDPR – DPIA & Data Breach Requirements Webinar & #CyberAware On Your Summer Travel Twitter Chat 

May 04, 2017

UN Global Pulse and the International Association of Privacy Professionals (IAPP) Present: Building a Strong Privacy and Data Ethics Program – From Theory to Practice. May 4, New York. The meeting will focus on how to implement privacy and data ethics in international organizations, and on how to access public-private sector data for use in humanitarian and development contexts. Four topics will be discussed during the day by experts from the UN, public and private sector, namely: Privacy on the Ground: Managing Personal Data in Organizations; Ethics and a Rights Based Approach to Data: From Principles to Institutions; Privacy and Data …