You don’t have to boil the ocean to achieve privacy compliance

When GDPR mandated Privacy Impact Assessments (PIA), lawmakers had the best of intentions. They wanted companies to understand how personal data is used in their business process. And, they wanted to see demonstrable proof – a tangible output – of privacy practices....

Rising to the Challenge of Subject Rights Requests

Data privacy laws give people rights to access, delete, correct and move the data businesses collect about them. They also require businesses to follow the DSAR procedure, promptly addressing their data requests without placing undue burden on consumers. What they...