The latest draft of CPRA regulations (released on November 3, 2022) includes new requirements for agreements with service providers, contractors, and third parties that retain, use, or disclose Personal Information (“PI”). The draft regs specify that agreements must:...
COMPLIANCE
Next time you do a Risk Assessment or Analysis, make sure you have Risk Intelligence on board
I was prompted to write this quick post this morning when I read this article. I think it is a good example of what some (actually many, in my experience) …
Healthcare Interoperability: Preparing to Meet New Privacy and Security Obligations
Written by Dan Goldstein (Partner and Co-Founder), Kamal Govindaswamy (Partner and Co-Founder) and Monica Meiterman-Rodriguez (Privacy Consultant). Healthcare Information Technology (Health IT) in the United States has undergone considerable change …
How can Infosec GRC Deliver Wins in Risk Management?
Information security (infosec) risk management can often seem overwhelming and hard. Organizations can spend considerable resources on infosec programs or solutions, yet they may have challenges in implementing commensurate and demonstrable …
Operationalizing CCPA Compliance: Know Your Data and Establish Detailed and Practical Workflows
By Dan Goldstein, Co-Founder and Partner, Tueoris, LLC. Introduction If you’re a privacy professional that spent a good chunk of 2018 living through the run-up to the EU General Data …
EU Privacy and US Trade Limitations: Opening New Opportunities for Mexican Business
By Mayra Cavazos, Senior Consultant, Tueoris, LLC Introduction The European Union (EU) General Data Protection Regulation (GDPR) has impacted businesses around the world in a variety of different ways, influenced …
Driving Effective Privacy Operations with Functional Requirements
By Shawna Doran, Senior Manager, Tueoris, LLC and Dan Goldstein, Partner, Tueoris LLC In the run-up to May 25, 2018, many businesses that thought they were well-prepared to meet their …
Alternatives to Consent: New Approaches to Processing Patient Data for Current and Future Clinical Research
Introduction Pharmaceutical and biotech companies sponsoring clinical research have traditionally relied on patient consent as the legal basis for processing personal data, sensitive personal data and biologic material for …
Is your auditor or consultant anything like the OPM OIG?
The OPM breach has been deservedly in the news for over a month now. Much has been written and said about it across the mainstream media and the internet1. …