Category: GRC

California Dreamin’ – A Free Roadmap For your CCPA Journey

By Rafael Moscatel, CIPM, CRM, IGP on October 16, 2019November 18, 2019

What is the CCPA and why should you care?

In response to recent stateside efforts to enshrine data protection including the California Consumer Privacy Act (CCPA), organizations are revisiting the efficacy of their Data and Information Governance (IG) programs. Laws and regulations vary by industry and company size. Yet each intend to protect consumer’s personal data by prescribing technical and governance standards backed by stiff penalties for non-compliance.

What you need to know and do to ensure compliance with California’s new Consumer Privacy Act

New regulations governing use of customer and personal data needn’t be burdensome. Rather, they help reduce expenses and monetize the information lifecycle, identify opportunities for better governance to avoid fines and litigation exposure and foster trust to enhance customer experiences. Download this FREE detailed CCPA roadmap to see how you can get your company on the path to compliance.

This slideshow requires JavaScript.

Our CCPA and GDPR engagements include:

Data and resource mapping
Conducting gap and risk assessments
Controls evaluation to standards
Establishing governance with clearly defined roles and responsibilities
Policies and procedures review
Domestic and International legal review of privacy and security policies to fit the organization’s risk profile and culture
Consumer data request and delivery mechanism (including website notices)
Providing education and training
Design of role-based access control (RBAC) rights
Privacy impact assessment (PIA/DPIA) during product design

Third Party Due Diligence Support

Pre-contract due diligence and consulting
Cloud services guidance
Managed security services (build or buy guidance)
Third-party management program/policy

Our consulting and software solutions enable clients to comply with CCPA provisions 1798.110(a)(4), 1798.100, 1798.105, 1798.110, 1798.120, 1798.145, 1798.140, 1798.150

Call us today to see how we can help you with:

California Consumer Privacy Act of 2018, Amendments and Rulemaking
HIPAA/HITECH Security, Privacy and Breach Notification Rules
Generally Accepted Privacy Principles (GAPP)
EU’s General Data Protection Regulation (GDPR)
ISO/IEC 27001-2:2013
CIS Top 20 Critical Security Controls (CA AG requires)
SEC OCIE Cybersecurity Initiative
NIST Cybersecurity Framework
U.S. Sentencing/DOJ/OIG Guidelines for Effective Compliance (program foundation)
Applying Risk Management Program Management and Principles

Posted in: California Consumer Privacy Act, CCPA, Compliance, Privacy

Data Governance GRC Privacy

New Podcast: #GRC and Me – The Blessing of #CCPA

By Rafael Moscatel, CIPM, CRM, IGP on October 9, 2019October 12, 2019

EPISODE SUMMARY:

Rafael Moscatel, managing director at CAPP, joins GRC & Me to discuss how his background in law and consulting ultimately led him to the world of GRC. He shares how one tweet led to a watershed moment in compliance and privacy, and tells his deeply personal connection to California adoption records. Rafael also explains how CCPA should be viewed as a blessing that helps better understand what’s “under the hood” of your company.

EPISODE NOTES:

Top 3 Quotes

“The more that you can show your customers that you’re being a good steward with their data, the more they’re likely to trust you. And from a reputational standpoint and a branding standpoint, that’s always one of the best benefits and one of the reasons that consumers will choose one product or service over the other.”
“And I think if you look carefully, the CCPA is quite a blessing. It helps reduce expenses and monetize the information life cycle because you have a better understanding of what’s under the hood in your company.”
“…you know there’s not one silver bullet when it comes to preparing data for an information governance strategy, IG is essentially a multidisciplinary type of approach.”

Show Highlights

[01:28] Rafael’s background in law and consulting
[02:35] Discussing Rafel’s company and beginnings
[04:36] The “Olympics of Privacy”
[05:59] A watershed moment in Compliance and Privacy
[08:05] Rafael’s personal connection to records in California
[09:05] The incredible moment Rafael received his birth records
[12:00] The “blessing” of CCPA
[14:11] Rafael’s personal opinion of CCPA
[16:19] Best practices for privacy and policy management
[19:30] Policy management systems
[21:04] How to read more about Rafael’s thoughts on these issues
[22:58] The Little Girl With The Big Voice
[24:03] Vendor Risk Management
[25:00] Being mindful of what’s outside your company walls as well as what’s within them

Resources:

Connect with Rafael on LinkedIn
Connect with Rafael on Twitter
Rafael’s Website
The Little Girl With the Big Voice

Posted in: CCPA, Compliance, Governance, LogicGate, Risk

In today’s data-driven, fast-changing world, Tomorrow’s Jobs Today gives business leaders a solid overview of many complex technology trends. This book helps surface many of the issues a business leader needs to be aware of and provides food for thought on how they might be navigated as we head into a new decade.

Gregory L. Steinhauer, President, American Life

Information is the currency that fuels and funds the Digital Transformation journey. Tomorrow’s Jobs Today manages to capture a set of leadership perspectives that, while diverse, share an essential characteristic for the future of transformative work: leveraging information as one’s most valuable asset.

Peggy Winton, CEO, Association for Intelligent Information Management AIIM

If you want to stay successful, you have to embrace and adapt to changes. Tomorrow’s Jobs Today shows you how those challenges can be both enlightening and empowering.

Jim Dodson, SVP, Iron Mountain

In a world often seized by ever-accelerating change, Tomorrow’s Jobs Today has brilliantly identified, captured, and recounted liberating insights for success from a broad range of global information governance and technology professionals. There will always be challenges, but for those willing to look, the opportunity is abundant. The Information Age remains an ever-growing frontier awaiting each new wave of pioneers.

Seth Williams, President, MER Conference

This is an empowering and beautifully written book that will surely guide the reader to find a place in this quickly changing Information Age, where they can thrive and contribute to the greater good.

Dr. Angela Bair Schmider, M.S., Ph.D., Massachusetts General Hospital and Harvard Medical School

The authors bring together the voices of leading thinkers, exploring the critical themes that will dominate the years to come. Entertaining interviews reveal the best paths forward for professional development and the impending social, political, and ethical challenges of tomorrow. This is an important book.

Alex Panagides, CEO, mxHero

Tomorrow’s Jobs Today brings together an impressive group of professionals sharing their wisdom and career advice from the cutting edge of technological advancement today. These insights will inevitably bolster your career path, and the combined knowledge of so many brilliant folks in one volume is staggering. I recommend this book for anyone who is pushing or looking to push their organizations into the future.

Nick Inglis, Executive Director of Content & Programming, ARMA International

Stepping away from the mush of data that sometimes arrives through surveys, Tomorrow’s Jobs Today goes straight to the people creating the future world of work. Read this book; go interview a few visionaries yourself; help shape the world to come.

Andy Watson, Head of School, Albuquerque Academy

This book is an excellent read for just about everyone trying to make sense of the ever-increasing pace of change going on around them. The interviews conducted in each chapter help ground and explain how others have harnessed these rapid changes for their personal fulfillment and most importantly for the greater good of humanity. For those feeling anxious over the stability of their roles, ponder this book and reap the wisdom presented.

John Isaza, Esq., FAI, co-Founder Information Governance Solutions.