The Lepide Guide to California Consumer Privacy Act (CCPA) Compliance

The California Consumer Privacy Act (CCPA) is a new data protection bill that will come into effect on the 1st of January 2020. The CCPA is designed to give Californian citizens more control over how their personal data is stored and processed. Under the CCPA, companies must demonstrate that they are able to identify, delete or quarantine personal data in a timely manner, as per the data subjects …

What is the CCPA (California Consumer Privacy Act)?

With the introduction of the GDPR, Europe showed the world that it was taking data privacy and data security laws seriously. Whatever your opinions are on the effects of the GDPR and how GDPR breaches are being handled, it can’t be denied that the thinking behind it is rational. It was only a matter of time before other countries followed suit. In the USA, there is still yet to be …

The psychology of compliance

The human decision-making process is the preferred subject of psychologists and economists. Historically, they adopted an approach of viewing human behaviour as regular and highly predictable. This helped the researchers to build various models in order to comprehend social and economic phenomena. Such systems were compared by Karl Popper to reliable pendulum clocks. One can take them apart and …

Why Retailers Are Soft Targets for Hackers (And What to Do About It)

Time and time again, retailers prove to be a popular (and easy) target for hackers. The tangible and intangible costs for an e-commerce site that’s been breached can escalate quickly. In this post, we'll explore the issue, and outline some solutions. …

PCI DSS Compliance 101: What You Need to Know

If your business deals with credit card payments in any way, then PCI compliance is going to be a fact of life, and an essential part of running your business securely and efficiently. PCI compliance is a critically important step in protecting your customer's or partner's payment card data, and an equally important step in protecting your business from the dire consequences of a data breach. …

4 Myths of PCI Compliance

If your organization is finding it difficult to comply with PCI DSS, the Payment Card Industry Data Security Standard, it could be due to some of the misconceptions about the standard. …

How Can Technology Help with ISO 27001 Compliance?

The International Organization for Standardization (ISO) is a non-governmental organization for setting proprietary, industrial and commercial standards. In the context of data security, ISO 27001 provides standards for developing and implementing information security policies and processes. Such standards are not enforced, but instead provide a framework to help organizations satisfy the relevant …

What Lessons Can We Learn from Recent GDPR Fines?

Since the GDPR was introduced in May 2018, the EU’s supervisory authorities have issued over €370 million in fines, although some of these fines are still pending. British Airways has been issued a record fine amounting to £183m (approximately 1.5% of global annual turnover) in relation to a data breach that was first disclosed on 6 September 2018. The breach resulted in the exposure of …

Navigating the Data Security Threats and Compliance Challenges

As organizations store increasingly more data and IT environments become increasingly more complex, the challenges faced by IT managers can become overwhelming, to the point where many are experiencing high levels of stress. With the average cost of a data breach at around $4m, not to mention the potentially irreparable damage that could be done to the organization’s reputation, …

Is Your Company Failing to Comply with GLBA?

The Gramm-Leach-Bliley Act (GLBA) is a law that applies to financial institutions in the United States. It is designed to protect sensitive data such as names, addresses, credit histories, and so on. When we think of financial institutions, we tend to imagine large commercial banks, however, a “financial institution” can be any company that deals with loans, deposits, investments and …