In 2000, Canada enacted its data protection act designed to protect consumers’ identifiable information. Since it was passed into law, the Personal Information Protection and Electronic Documents Act (PIPEDA) has expanded to cover most private-sector industries. This means if you want to continue doing business in Canada you need to know the top PIPEDA rules that apply to U.S. companies.
Blog
-
Beginner’s PIPEDA Requirement Checklist
Does your company do business in Canada? If so, and it includes transmitting, storing, and using personally protected information (PII), the organization must meet the Personal Information Protection and Electronic Documents Act (PIPEDA) requirements. This is where a PIPEDA compliance checklist will come in handy.
-
What Should be in Your Vendor Management Cybersecurity Policy?
Third-party vendor management policy is perhaps the most underrated component to a mature cybersecurity strategy. Last year, Becker’s Hospital IT reported startling statistics:
-
Why CIS Controls Are Critical for Effective Cyber Defense
No matter how robust a company’s information technology (IT) resources and protections are, they’re always subject to risk. Even the most proactive companies struggle to keep pace with the evolution of cybercriminals’ methods and vectors of attack. The Center for Internet Security (CIS) has developed a framework to help reduce these risks; the CIS critical security controls for effective cyber defense are a key area of security for all business.
-
How to Conduct a Third-Party Risk Management Audit
Performing a cybersecurity audit of your third-party vendors and partners is critical to ensure they’re taking proper measures to protect your data when it’s in their hands. (more…)
-
How to Conduct a Social Engineering Assessment
Social engineering assessment is a crucial step to achieve protection from data breaches.
Cybersecurity hacks are becoming more prevalent with increasing complexity. These have become severe threats that cause irreparable financial, operational and reputational damages in various industries. To strengthen the security of a company, due diligence must be exhausted to avoid these potential pitfalls.
-
Top Cybersecurity Vulnerabilities of Telemedicine
If the COVID-19 pandemic has proven anything beyond the shadow of a doubt, it’s the vital necessity of accessible healthcare throughout the country. The spread of the virus, as well as its corollary effects across the whole economy, have shown that everyone is connected to the health industry in some way. As such, privacy and security concerns in telehealth have wide reaching implications not just for telehealth and telemedicine companies, but for society at large.
-
How to Choose the Right Business Email Security Solution
Global business is diverse with a vast array of verticals and industries, yet united by a single channel of communication: email. Choosing the right email security solution can give you a competitive edge. Email is used within every organization for internal and external communication. Although email provides ease with which to collaborate, it also poses a great risk.
-
What is the PCI DSS 4.0 Standard Draft?
All businesses that process payments via credit card face a certain amount of risk with every transaction. On one level, fraudulent payments are always a concern. But on another, cardholder information is extremely valuable, and cybercriminals who target it can impact your clients and business. To keep your customers safe and avoid the potential consequences of noncompliance, it’s important to know what the PCI DSS 4.0 draft is.
