When it comes to organizations incorporated and operating out of the United States, General Data Protection Regulation (GDPR) compliance can be confusing. Many people struggle to understand what exactly is the GDPR and whether it applies to all organizations. On May 25, 2018, the European Union (EU) via the European Parliament, signed into law the GDPR, to an enhance Directive 95/46/EC.
On May 29, 2019, the governor of Nevada signed into law Senate Bill 220, a new consumer privacy law. The new privacy law amended Nevada’s existing 2017 online privacy law. Effective October 1, 2019, the new privacy gives consumers the right to opt-out of the sale of their personal information.
The Sarbanes-Oxley (SOX) Act was signed into law on July 30, 2002. The law drafted by congressmen Paul Sarbanes and Michael Oxley aimed to improve corporate financial governance and accountability while protecting shareholders from accounting errors and fraudulent activity. The real fuel for the SOX law came from the inappropriate financial conduct of three large companies Enron, Tyco, and WorldCom.
British Airways, now there is a big GDPR issue. 500,000 people were affected over 15 days. Reputation damaged, untold revenue lost and a $230 million dollar fine and that is before any damages are paid. In my former life, I thought GDPR was a boring tick box exercise, it really could not be further from the truth. It is a scare your pants off ride, one that needs to be taken very, very seriously. Your company’s existence is at stake.
You have likely heard of the General Data Protection Regulation (GDPR), and you probably refer to this standard whenever the topic of privacy and data processing arises. But what about outside of the EU? The Office of the Privacy Commissioner of Canada (Commissariat à la protection de la vie privée du Canada) has a twitter account that shares information regarding privacy and an individual’s rights in Canada.
Recently, a StatusGator user on our 30 day free trial contacted us to inquire if StatusGator was GDPR compliant. The General Data Protection Regulation, or GDPR, is the European Union’s regulation that grants rights and requirements over personal data. Although we’ve been following the GDPR and its rollout for some time now, we haven’t taken active steps to comply with its requirements. We are based in the United States and don’t actively target European customers.
If your organization has a presence in California or does business with California residents, then it probably needs to comply with the California Consumer Privacy Act (CCPA). CCPA compliance is no easy task but never fear: Using this checklist and our CCPA audit guide can help smooth the way.
GLBA refers to Gramm-Leach-Bliley Act (also known as the Financial Services Modernization Act of 1999) which aims to protect the private information of consumers. In this article, we took a closer look at GLBA requirements.