Blog Authors

Latest from Assured SPC Blog

There are many health data privacy and protection laws in the US.  Most people know HIPAA protects their privacy and requires protection of their personal health information.  But it only affects specific business that are classified as covered entities (doctors, hospitals, pharmacies, health insurance companies) and the companies that provide services to covered entities.  These

This is a scary moment for AI / ML
This is a scary moment for artificial intelligence / machine learning (AI / ML).  We are at a point where developers are implementing AI / ML wherever there it has potential value.  It is being used for good applications including:

  • Automation of helpdesk bots to answer

Incremental or Agile Cybersecurity
Description: Organizations struggle with many cybersecurity issues. These issues include managing information security risk, changing threats and the cost of safeguards. An effective solution is to approach cybersecurity as a step-by-step journey. Barry Weber, vCISO and Privacy Practice Leader for Assured SPC, presented a view of how to improve cybersecurity without

Overview
Many privacy laws require that organizations implement “reasonable security”.  There have been many definitions of reasonable security.  The Sedona Conference issued a final commentary on reasonable security for personal information on February 17, 2021.  This definition is likely to be accepted by courts and other adjudicators across the US.  It is based on a

Announcing a Secure The Village Webinar on Cybersecurity (without boiling the ocean)
Date and Time: March 11, 2021 (10-11am PT)
Description: Organizations struggle with many cybersecurity issues demanding attention, time and money. These issues include managing information security risk, the ever-changing landscape of threats and the cost of safeguards. An effective solution is to approach cybersecurity

Minimizing privacy requirements is good for business
At Assured SPC, we help businesses satisfy regulatory and third-party requirements for information security and consumer/resident privacy.  Whenever possible, we provide guidance on how to avoid and minimize cost and impact of privacy compliance requirements. 
There is an answer
Businesses have a right to minimize the ongoing effort

Learnings from the SolarWinds Orion cybersecurity attack
 Some details on the SolarWinds attack are coming out.  Full details on the attack may not be fully understood for months. But we know it has been significant. I participated in an insightful webinar conducted by #cyberereason yesterday. There was a conclusion that I’ve been thinking about since.

Top 5 CCPA Privacy Do’s (and Don’ts)

There is a lot of talk about legal privacy requirements, the steps to implement a privacy program and technology that can assist.  Here is a list of what we consider the Top 5 Privacy must do’s or don’ts.
1. Get rid of personal information that does not have