We Need ISO 27001 and GDPR/CCPA Compliance. Should We Do ISO 27701 Concurrently?

by Richard Barrus | Dec 6, 2021 | CCPA

Reading Time: 3 minutes             More and more organizations need to prove to clients, regulators, partners, investors, etc. that they’re secure and compliant. Often this takes the form of a certification/attestation against...

What is Information Governance and Why Do We (as an Org with PII) Care?

by Richard Barrus | Aug 19, 2021 | Privacy

Reading Time: 2 minutes If you want to see peoples’ eyes glaze over, just say these two words: information governance. That’s an esoteric, labyrinthine chore that only specialist nerds in the employ of the biggest businesses need to worry about… Right? You...

What is the ISO 27701 Privacy Extension to ISO 27001 and Why Do I (as a Regulated SMB) Care?

by Richard Barrus | Jun 10, 2021 | ISO 27001 Certification

Reading Time: 2 minutes ISO/IEC 27701:2019 “Security techniques — Extension to ISO/IEC 27001 and ISO/IEC 27002 for privacy information management — Requirements and guidelines” is a new and (dare we say) exciting international standard that allows you to...

Virginia Consumer Data Protection Act vs. California Privacy Rights Act – How They Differ and What to Watch Out For

by John Verry | Apr 26, 2021 | Privacy

Reading Time: 4 minutes The new Virginia Consumer Data Protection Act (CDPA) draws heavily on prior legislation like the California Consumer Privacy Rights Act (CPRA) and its predecessor the California Consumer Privacy Act (CCPA). But while some have...

Virginia Consumer Data Protection Act: Here’s the Cliff Notes

by John Verry | Apr 23, 2021 | Privacy

Reading Time: 3 minutes The new Virginia Consumer Data Protection Act (CDPA) became law on March 2, 2021, making Virginia the second state after California to enact a comprehensive privacy law. While CDPA substantially resembles the California Consumer...