Data Privacy & Business Strategy Articles

In the last few weeks, we have been talking about what GDPR is, who needs to be compliant with it and what things to keep in mind if you have to comply. Now we are going to discuss what is the best way to go about prioritizing GDPR requirements for your organization. It’s all about the risk First off, let me say that GDPR is not a step-by-step prescription on what to do with regards to the management and protection of personal data. If it were that way, we would all have been compliant long ago! Just tick the boxes on […]

Last week we discussed what GDPR is in very broad terms. We also discussed what are the general parameters used to determine whether an organization needs to comply with GDPR or not. Just to refresh our memories, these are the criteria used to make such determination: If you have any physical presence in the EU (even if it is a small sales and marketing office). If you don’t have a physical presence but you offer products or services to EU residents. If you don’t offer products or services but you monitor EU residents online behaviour. You need to comply… now […]

The requirements around this new regulation and who it will apply to The General Data Protection Regulation or GDPR is the new data protection legislation enacted by the European Union that will come into effect on May 25, 2018. This is a very important regulation, not only for European residents but for everyone around the world. The main reason is because it is the first privacy and data protection regulation that ensures that individuals rights and freedoms are the top priority. It also unifies all the different regulations under one rule. The EU data protection directive from 1995 is replaced […]

As I take some time to read the news on a Sunday afternoon, I start realizing that news of GDPR compliance is gaining traction. I even cleared all my cookies to ensure that it was not just showing on my different feeds because of what I’ve read before. No, GDPR is showing up more and more. I’m glad that it is beginning to get the attention it needs. What worries me is that, at this point in time, it leaves very little time left for organizations to get their house in order in time for May 25 (you can check […]

It’s the  middle of January and my thoughts revolve around Data Privacy Day. Even though Data Privacy Day is observed every January 28th, not a lot of people know about it so I’ve decided to become a stronger advocate and shed light on the issues that Data Privacy Day stands for. What is Data Privacy Day Data Privacy Day commemorates the signing of Convention 108 back in 1981, the first legally binding international treaty dealing with privacy and data protection. The Data Privacy Day campaign is spearheaded by the National Cyber Security Alliance (NCSA) and I laud their efforts to […]

2017 is over and it was certainly a year where data breaches were front and center for organizations and the public in general. There is a renewed interest around what personal data protection should entail, and in multiple cases, organizations are not there yet. This interest stems from a clear concern from consumers about how their data is being managed and protected. It has also become a top priority for regulators, as we can attest from the implementation of GDPR in Europe. Therefore, what can we expect in 2018? In my opinion, more of the same… but on steroids. Cybersecurity, […]

GDPR reminds me a lot of Y2K. Eighteen years ago I was an IT project manager for one of the largest consumer goods manufacturers in the world: Procter & Gamble. I had been working for them for almost 5 years and one third of the time I was there, I spent it on a critical, expensive, dreadful, but at the same time very exciting initiative: Y2K. As a young professional that was starting her career, I could not relate very well to the repercussions of this technological bug. I was told to do a job and I was happily doing […]

Introduction Over the last few years, privacy has become a term that has relevance for almost everyone in almost every context: be it an organization trusted with the information of their customers, governments monitoring citizens’ data in the name of national security or a consumer simply buying a pair of sneakers online. When we hear about privacy in the news, it is usually an incident related to online hackers or what is also known as a cyber attack. The message is usually the same: an individual that was lured into giving out their personal information, generally causing them great financial […]

When we hear about Privacy, different terms come to mind: breach, regulation, identity theft, exposure, risk. The one word I assure you will not immediately come to mind is “sexy”. When it comes to information privacy, we think of our right to keep our personal information safe, unused, undisclosed. We fear someone getting their hands on our information and use it to their advantage or worse, to our detriment. As businesses grow closer and deeper relationships with their customer base, what if they think of privacy management not as something they have to do because consumers, government or regulators demand […]