Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Frontline privacy observations from deploying the EU's new SCCs

Our Data Privacy Services team collates the most interesting practical ramifications from implementing the new SCCs with our GDPR services customers. In our latest update of the Data Privacy Periodic Table, we included reference to the EU’s June 2021 release of substantially updated Standard Contractual Clauses (SCCs), triggered by 2020’s Schrems II ruling. The new, far more substantial SCCs have been largely welcomed.

What is ISO/IEC 27001? A Clear and Concise Explanation for 2021

ISO/IEC 27001 is the leading international standard for regulating data security through a code of practice for information security management. Its creation was a joint effort of two prominent international standards bodies: the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC). This is why the standard is formally prefixed with ISO/IEC, though "IEC" is commonly left out to simplify referencing.

Midway Swiss Case Study: Journey towards CMMC Compliance with Ignyte

This webinar is designed for Small & Midsize Businesses that work as federal prime or subcontractors. Our guest, Jayme Rahz, CEO at Midway Swiss Turn, represents a local manufacturer that has recently undergone a series of guided steps with Ignyte’s team and implemented over a hundred vital controls into their cybersecurity routine to become NIST and CMMC compliant and be able to conduct a self-assessment for the NIST 800-171 SPRS submission.

How to influence compliance as a DPO (without making your colleagues cry!)

Data protection has matured incredibly over the last 10 years. The ‘privacy industry’ has gone through a metamorphosis not seen in many other disciplines. Now, as we reflect on the organisational changes the pandemic introduced, we must recognise that being able to quickly access and share accurate data is critical to every business’ success – regardless of where employees are working from.

What is a SOC 2 Report and Why Is It Important

A Service Organization Controls (SOC) report provides independent validation over a company’s internal financial reporting controls. They were originally used to validate compliance with the Sarbanes-Oxley Act of 2002. When the SEC released the “Commission Statement and Guidance on Public Company Cybersecurity Disclosures,” SOC reports started to include cybersecurity. Understanding what a SOC Type 2 report is can give insight into why it is important to your organization.

AWS GDPR compliance with Sysdig Secure

AWS GDPR compliance, privacy and personal data protection are among the most common concerns for cloud teams that run workloads in the AWS Cloud. When thinking about the different mechanisms to protect privacy and gain trust from the users who utilize our services, Compliance is one of the words that comes to mind.

CMMC Audit: What is it and how to prepare for it

Business owners whose revenue streams depend significantly or partially on government contracts have recently been faced with the emerging mandatory regulations called Cybersecurity Maturity Model Certification, also known as CMMC. All organizations working with the Department of Defense (DoD) and Federal government as their prime or subcontractors must be audited against these requirements by a competent third-party CMMC auditor.

A View of Cyber Security from a National & Regulatory Viewpoint

In this 25-minute video, we take a look at the state of cybercrime and security from a national and regulatory standpoint. We know that there are problems with our existing cyber security, whether that's within CNI and governments or organisations, large or small. The Colonial Pipeline hack is evidence enough.