This short whitepaper aims to create the beginnings of a framework for best practices standards by focusing on specific privacy and security vulnerabilities within ML systems. At present, we view these vulnerabilities as warning signs—either of a future in which the benefits of ML are not fully embraced, or a future in which ML’s liabilities […]
All data breach notification laws in one place. Navigate to a law overview by clicking in the interactive map below or clicking a link in the menu on the left side of the window. These overviews provide summary information on breach notification laws currently in effect. Law overviews are updated as changes to breach notification […]
This document proposes a reference design on how to architect enterprise-class protection for mobile devices accessing corporate resources. The example solutions presented here can be used by any organization implementing an enterprise mobility management solution. This project contains two distinct builds: cloud and hybrid. The cloud build makes use of cloud-based services and solutions, while […]
This guidance will help you to understand the importance of encryption as an appropriate technical measure to protect the personal data you hold. Whether you are a controller or a processor, encryption is a technique that you can use to protect personal data. The guidance outlines the concept of encryption in the context of the […]
A key principle of the GDPR is that you process personal data securely by means of ‘appropriate technical and organisational measures’ – this is the ‘security principle’. Doing this requires you to consider things like risk analysis, organisational policies, and physical and technical measures. You also have to take into account additional requirements about the security of […]
The EU General Data Protection is finally here, and things like data mapping, data protection impact assessment, consent management, and data subject rights have been on everyone’s minds leading up to its arrival. While these operational requirements are obvious for many companies, some others have flown under the radar.