Previous article in series – Data Privacy: Jurisdictional Differences When an organization embarks upon a path designed to improve its security posture, operational efficiency, or cultural behavior, there are many established codes of practice that can be utilized. Some of these codes of practice or guidelines come with the capability of certification. ISO/IEC 27018:2019 ISO/IEC…
Category: compliance
Data Privacy: Jurisdictional Differences
Previous article in series – Data Privacy: EU–U.S. Privacy Shield, HIPAA, GLBA Jurisdictional variances become evident during cases involving cross-border data requests or cases of contention. Even between states in the same country there can be differences in data privacy. Section 2511 of Title 18 of the U.S. Federal Government’s legal code prohibits the unauthorized…
Data Privacy: EU–U.S. Privacy Shield, HIPAA, GLBA
Previous article in series – Data Privacy: Australia and New Zealand Privacy Principles The EU–U.S. Privacy Shield decision was adopted on July 12, 2016, and the Privacy Shield framework became operational on August 1, 2016. This framework protects the fundamental rights of anyone in the EU whose personal data is transferred to the United States…
Data Privacy: Australia and New Zealand Privacy Principles
Previous article in series – Data Privacy: African & Asia-Pacific Legislations Regulations in Australia and New Zealand make it extremely difficult for enterprises to move sensitive information to cloud service providers that store data outside of Australian/New Zealand borders. The Office of the Australian Information Commissioner (OAIC) provides oversight and governance on data privacy regulations…
Data Privacy: African & Asia-Pacific Legislations
Previous article in series – Data Privacy: Contractual and Regulated Private Data African Personal Data Protection Nearly two-thirds of the 54 nations of the African continent has data privacy protection as a regulation, is in process of making it, or has it as part of their constitutions. For the nations that have data protection mechanisms,…
Data Privacy: Contractual and Regulated Private Data
Previous article in series – Data Privacy: Evolution and History of Modern Data Privacy Contractual and regulated data may coexist within a single complementary context; a contract may be formulated to enforce the adherence to a regulation or set of regulations and a regulation may define the need to have contractual relationships between provider and…
Data Privacy: Evolution and History of Modern Data Privacy
Modern data privacy has a history that goes back to a time before the World Wide Web and when the internet was more a nascent concept than a global tool. The First Data Protection Law In 1970 the German state of Hesse enacted the first data protection act in the world known as Datenschutzgesetz (DSG;…
Digital Forensics: Chain of Custody & Nonrepudiation
Previous article in series – Digital Forensics: Evidence Management Chain of custody of evidence refers to the chronological documentation or paper trail, showing the seizure, custody, control, transfer, analysis, and disposition of physical or electronic evidence. Chain of custody should clearly depict how the evidence was collected, analyzed, and preserved so it can be presented…
Digital Forensics: Evidence Management
Previous article in series – Digital Forensics: Identification, Collection, and Preservation of Digital Evidence Maintaining evidence from collection to trial is a critical part of digital forensics. You should have policies and procedures in place for the collection and management of evidence. In some cases, you may need to collect digital evidence on short notice….
Digital Forensics: Identification, Collection, and Preservation of Digital Evidence
Previous article in series – Digital Forensics: E-Discovery Service Types & Legal Terms ISO/IEC 27037 offers guidance on identifying potential data sources and acquiring the data from the sources. Data acquisition should be performed using a three-step process: Develop a plan to acquire the data: Developing a plan is an important first step in most…