GDPR has thrown many organizations into the process of redefining and solidifying their data governing and protection strategies. At the same time, individuals are more empowered when it comes to their data and how it is used.
What is GDPR?
The General Data Protection Regulation (GDPR) put forth by the European Union is a set of rules about how organizations should process data of residents in any European Union Countries. This includes the privacy and protection of personal data and more transparent control to the person that data came from. Any organizations outside of the European Union that collect or use data from any EU citizens are also required to comply. The flurry of updated terms of services from Facebook, Twitter, and most other websites and web applications with a global presence over the last six months was due to this new regulation. GDPR assigns power to regulators to ask for proof of compliance and impose fines on organizations that do not comply.
How close am I to being compliant?
Try this GDPR assessment tool to gauge how close you are to 100% compliance. You do not need to sign up or give any information to see the results and it is absolutely free.
NIST SP 800-37 is a key document of the Risk Management Framework (RMF), which is required for Department of Defense information and information technology systems. The publication provides guidance for applying the RMF to information systems and organizations, both federal and non-federal. Does NIST SP 800-37 Apply to Your Business? If you do business with […]