Governing the Data Protection Practices of Third Parties

The imminent enforcement date of the GDPR has the technical world scrambling for compliance across all aspects of every enterprise. While many have begun to incorporate the guiding principles of "Controller" and "Processor" into their operational practices,  some Controllers may not yet have considered how their Processor's Processors handle relevant data.
Read More

GDPR's Protections for the Transfer of PII

Europe's General Data Protection Regulation (GDPR), operative May 25, 2018, governs not just how your company protects the personally identifying information (PII) of EU citizens and residents, but also from whom. The rule clarifies that mandatory PII protections extend beyond local data storage and usage to also include data transfer across borders to third parties and beyond. Your obligation to keep your EU data safe now requires you to also ensure that it will remain safe wherever and with whomever it ultimately ends up.
Read More

Controllers and Processors: How the GDPR Assigns Responsibilities

If your U.S.-based company receives data (is a "data collector") from European Union (EU) citizens or residents, it must comply with the incoming GDPR - the EU's General Data Protection Regulation. That regulation divides "data collectors" into one of two categories: "Controllers" or "Processors." Determining which role best defines your corporate data-collection activities will also guide the development of your GDPR-compliant PII management systems.  
Read More

Six Keys to a Successful Change Initiative

Change is never easy and organizational change is certainly no exception to the rule. Organizational change can cause a lot of anxiety, not least because the failure rate for such change is so high—roughly two-thirds of all organizational change initiatives fail. Yet organizational change is necessary, and inevitable, in order to stay competitive and relevant.
Read More


New Call-to-action