72-hour rule: Can you identify and report a data breach within 3 days?

July 30, 2018

This blog was originally published in the IBM Big Data & Analytics Hub on May 22, 2018. In a series of blog posts, the ‘Coach’ offers recommendations on how to get businesses into shape so they can thrive in the new data era. The 72-hour rule included in the European Union’s General Data Protection Regulation (GDPR) has become a major... Read more

How to Extract Value from Data – The Ultimate CGOC Reference Guide

July 24, 2018

I’m pleased to announce that the CGOC has just published a new easy print version of its Information Governance Process Maturity Model (IGPMM). First published in 2010 and updated twice since the IGPMM is the industry’s most detailed guide to the business and compliance benefits of maturing an organization’s information governance (IG) processes and the... Read more

Why Privacy Should Be The Biggest Concern Of 2018

June 6, 2018

The recent start of the EU’s GDPR has added an even greater sense of urgency for a Facebook executive team already under intense pressure because of the Cambridge Analytica fiasco. Other companies may hope to stay under the GDPR radar for a while, but Facebook could easily find itself an immediate compliance test case –... Read more

Data Privacy and Governance: Recap of CGOC New York 2018

May 23, 2018

After the 4th nor’easter of the year caused us to delay the March event, we were finally able to hold CGOC’s 12th Annual New York Regional Meeting in May. The New York attendees, not known to be timid about sharing their thoughts and asking meaningful questions, made it a full day of insightful discussions and... Read more

Institutionalizing Privacy by Design

April 10, 2018

While many boardrooms and information stakeholders are understandably focused on trying to prevent – or, sadly, clean up after – a data breach, while also meeting the compliance requirements of the impending the EU’s General Data Protection Regulation (GDPR), I think they may be missing a broader and deeper strategy that could help them accomplish... Read more

Are you GDPR compliant?

March 27, 2018

The EU’s General Data Protection Regulation (GDPR), which goes into effect on May 25, 2018, impacts any company with customers or employees in the EU. Despite its global applicability, the recent CGOC Top Corporate Data Protection Challenges survey found only 6 percent of organizations felt ready for GDPR compliance. No wonder the UK government recently... Read more

Unified Governance Goes Mainstream

February 26, 2018

It is telling that Information Management chose to feature “Making a successful case for a unified governance program” as the lead article on its website today. It’s a tremendous step forward that the publication recognizes the importance of data management professionals beginning to coordinate closely with other information stakeholders, including compliance and privacy teams, to... Read more

Top Corporate Data Protection Challenges

October 26, 2017

The EU’s General Data Protection Regulation (GDPR) was enforced on May 25, 2018, but according to Top Corporate Data Protection Challenges, a CGOC survey of 132 compliance officers from organizations around the world and across multiple industries, only 6 percent of respondents felt their organizations are currently compliant with the impending regulation, with most organizations concerned... Read more

How to Reduce Risk and Prepare for a Data Breach

September 19, 2017

In light of the recently revealed Equifax data breach, it might be a good time to highlight a best practice that can help manage your corporate risk. Gone are the days where the data security personnel would hide out in the dark basement of the enterprise they were monitoring. Today’s successful security professionals need to... Read more

Internal Investigations: 10 Ways To Be A Cyber Sleuth

August 28, 2017

By Caroline Sweeney (The following article was first published on August 15, 2017,  on  Law360, written by Caroline Sweeney, the global director for e-discovery and client technology at Dorsey & Whitney LLP and a faculty member for the Compliance, Governance and Oversight Council (CGOC).) Law360, New York (August 15, 2017, 1:00 PM EDT) — Cyberattacks aren’t the only significant threats facing enterprises... Read more