Tag: CCPA

GRC Information Governance Privacy Records Management

California Dreamin’ – A Free Roadmap For your CCPA Journey

By Rafael Moscatel, CIPM, CRM, IGP on

What is the CCPA and why should you care?

In response to recent stateside efforts to enshrine data protection including the California Consumer Privacy Act (CCPA), organizations are revisiting the efficacy of their Data and Information Governance (IG) programs. Laws and regulations vary by industry and company size. Yet each intend to protect consumer’s personal data by prescribing technical and governance standards backed by stiff penalties for non-compliance.

What you need to know and do to ensure compliance with California’s new Consumer Privacy Act

New regulations governing use of customer and personal data needn’t be burdensome.  Rather, they help reduce expenses and monetize the information lifecycle, identify opportunities for better governance to avoid fines and litigation exposure and foster trust to enhance customer experiences. Download this FREE detailed CCPA roadmap to see how you can get your company on the path to compliance.

This slideshow requires JavaScript.

Our CCPA and GDPR engagements include:

  • Data and resource mapping
  • Conducting gap and risk assessments
  • Controls evaluation to standards
  • Establishing governance with clearly defined roles and responsibilities
  • Policies and procedures review
  • Domestic and International legal review of privacy and security policies to fit the organization’s risk profile and culture
  • Consumer data request and delivery mechanism (including website notices)
  • Providing education and training
  • Design of role-based access control (RBAC) rights
  • Privacy impact assessment (PIA/DPIA) during product design

Third Party Due Diligence Support

  • Pre-contract due diligence and consulting
  • Cloud services guidance
  • Managed security services (build or buy guidance)
  • Third-party management program/policy

Our consulting and software solutions enable clients to comply with CCPA provisions 1798.110(a)(4), 1798.100, 1798.105, 1798.110, 1798.120, 1798.145, 1798.140, 1798.150

Call us today to see how we can help you with:

  • California Consumer Privacy Act of 2018, Amendments and Rulemaking
  • HIPAA/HITECH Security, Privacy and Breach Notification Rules
  • Generally Accepted Privacy Principles (GAPP)
  • EU’s General Data Protection Regulation (GDPR)
  • ISO/IEC 27001-2:2013
  • CIS Top 20 Critical Security Controls (CA AG requires)
  • SEC OCIE Cybersecurity Initiative
  • NIST Cybersecurity Framework
  • U.S. Sentencing/DOJ/OIG Guidelines for Effective Compliance (program foundation)
  • Applying Risk Management Program Management and Principles
Posted in: , , ,
No comments
Data Governance GRC Privacy

New Podcast: #GRC and Me – The Blessing of #CCPA

By Rafael Moscatel, CIPM, CRM, IGP on

EPISODE SUMMARY:

Rafael Moscatel, managing director at CAPP, joins GRC & Me to discuss how his background in law and consulting ultimately led him to the world of GRC. He shares how one tweet led to a watershed moment in compliance and privacy, and tells his deeply personal connection to California adoption records. Rafael also explains how CCPA should be viewed as a blessing that helps better understand what’s “under the hood” of your company.

EPISODE NOTES:

Top 3 Quotes

  • “The more that you can show your customers that you’re being a good steward with their data, the more they’re likely to trust you. And from a reputational standpoint and a branding standpoint, that’s always one of the best benefits and one of the reasons that consumers will choose one product or service over the other.”
  • “And I think if you look carefully, the CCPA is quite a blessing. It helps reduce expenses and monetize the information life cycle because you have a better understanding of what’s under the hood in your company.”
  • “…you know there’s not one silver bullet when it comes to preparing data for an information governance strategy, IG is essentially a multidisciplinary type of approach.”

Show Highlights

[01:28] Rafael’s background in law and consulting
[02:35] Discussing Rafel’s company and beginnings
[04:36] The “Olympics of Privacy”
[05:59] A watershed moment in Compliance and Privacy
[08:05] Rafael’s personal connection to records in California
[09:05] The incredible moment Rafael received his birth records
[12:00] The “blessing” of CCPA
[14:11] Rafael’s personal opinion of CCPA
[16:19] Best practices for privacy and policy management
[19:30] Policy management systems
[21:04] How to read more about Rafael’s thoughts on these issues
[22:58] The Little Girl With The Big Voice
[24:03] Vendor Risk Management
[25:00] Being mindful of what’s outside your company walls as well as what’s within them

Resources:

Posted in: , , , ,
No comments
Events Privacy

Join us in San Diego for ILTA: Preparing for the California Consumer Privacy Act

By Rafael Moscatel, CIPM, CRM, IGP on

Event Description

When:  Oct 30, 2019 from 12:00 PM to 1:30 PM (PT)

Where: Klinedinst, 501 West Broadway, Suite 600 San Diego, CA 92101

REGISTER HERE

We share and store our most sensitive personally identifiable information (PII) on countless computers, networks, and devices. Within an organization, PII can be found scattered in emails, databases, shared drives and more. The new California Consumer Privacy Act (CCPA) is making a strong privacy program an essential part of an organization’s records and information governance program. Join our presentation as we discuss:

  • How are you leveraging the focus on privacy and complying with this new law?
  • Is Record and Information Governance at the table for the conversation?
  • Will you and your organization be ready when the Act goes into effect on January 1?

Speakers

Faron Lyons – Enterprise Account Manager, Blackberry

Rafael Moscatel – Managing Director, Compliance and Privacy Partners

Posted in: , , ,
One comment
Information Governance Information Technology Privacy

Williams Data Management to Host Data Protection Lunch with Compliance and Privacy Partners at Century City Chamber of Commerce

By Rafael Moscatel, CIPM, CRM, IGP on

Media Contact: Ally Bertik ally@marketingmaven.com (310) 405-0358  

Williams Data Management to Host Data Protection Lunch at Century City Chamber of Commerce

Leader in Data Protection Partners with Cyber Hygienist and Technology Expert to Discuss How Fiduciaries Can Prepare and Protect Their Businesses for Data Breaches

­­­­­­­­­­­­­­­­­­­­­­ _____________________________________________________________________________

LOS ANGELES.  – (September 18, 2019)  Williams Data Management, southern California’s leader in data protection, has partnered with Rafael Moscatel, managing director of Compliance and Privacy Partners, and George Baldonado, president and CEO of Oasis Technology, Inc. to host a “Data Protection, A Primer For Your Fiduciary: It’s Your Business, Protect It!” lunch​ in conjunction with the Century City Chamber of Commerce. The panel will take place from 11:30 a.m. to 1 p.m. on October 3, 2019 at Greenberg Glusker, 1900 Avenue of the Stars, Suite 1400 in Century City, California.

Data Protection Pro, Douglas C. Williams, president and CEO of Williams Data Management will discuss how small businesses can take advantage of a data breach reporting service powered by CSR Privacy Solutions, Inc. to enable companies to protect Personally Identifiable Information (PII). Other topics will include the California Consumer Privacy Act (CCPA), cyber security protection and data governance.

“We are thrilled to lead the conversation for fiduciaries on how to better protect their businesses,” said Williams. “Our goal is to keep your information safe, secure and available regardless of what it is or where it is stored. We hope to provide a clear solution for companies in all industries moving forward, especially with our new data protection suite that provides a pathway for self-assessment and structural gap analysis for internal management.”

Guests will have the opportunity to network with business professionals, engage in this informative panel with expert sources and enjoy lunch provided by Williams Data Management.

To learn more or register for the data protection lunch, please visit https://business.centurycitycc.com/events/details/data-protection-a-primer-for-your-fiduciary-it-s-your-business-protect-it-1704.  

About Williams Data Management

Williams Data Management is southern California’s leading source for data protection management. The company educates, consults, has the source materials, and provides the structure for self-assessment and corporate plan structure for information breach notifications in the United States. Over the last decade, the firm has become an expert solution provider, offering professional records management, data protection, imaging and digitization, cloud storage and certified data destruction services to all sectors and sizes of businesses.

Williams holds numerous certifications for data compliance and destruction including SSAE16, NAID “AAA” Certification, and is a member of PRISM. For more information, visit www.williamsdatamanagement.com or call 888-478-FILE.

About Century City Chamber of Commerce

The Century City Chamber of Commerce is one of Los Angeles’ most active, involved and relationship-driven chambers. The chamber places a special emphasis on its members working together to build effective relationships and relevant programs that help individuals and companies expand their marketplace reach. Under the clear and powerful guidance of many energetic committees and councils, the Century City Chamber has grown to encompass representatives from virtually every industry, helping to make Century City one of Los Angeles’ most prestigious business communities. From the largest corporations to mid-sized businesses and emerging entrepreneurs, its diverse members thrive with one another and with key decision makers.

#           #           #

Posted in: , ,
No comments
Ethics GDPR Information Governance Privacy Professional Development

UPCOMING PRIVACY WORKSHOP IN LA 7/31: Leveraging a GDPR Compliance Investment for CCPA / Privacy By Design

By Rafael Moscatel, CIPM, CRM, IGP on

UPDATE: Presentation Slides Included Below

ARMA-GLA Summer Spotlight Workshop

LEVERAGING A GDPR COMPLIANCE INVESTMENT FOR CCPA / PRIVACY BY DESIGN WORKSHOP

Part I – Join European attorneys and privacy compliance experts from Brussels based law firm Ethikos to learn how to leverage GDPR compliance investments for California’s new Consumer Privacy Act. In this presentation they’ll review key data protection concepts and privacy by design strategies already in place across the EU and explain how they’re now spreading throughout the United States. Find out what you need to know about the rules of transferring data and records internationally, PII records retention requirements, rules for managing content on customer facing websites and the impact of these new records management guidelines in contract negotiations.

SELECT THE LINK BELOW TO VIEW THE WHOLE  PRESENTATION.

ETH-CAPP-2019-LA-PbD

Part II – Meet solutions engineers from Active Navigation who will show you real world examples of how state of the art privacy software helps apply concepts and rules from GDPR and CCPA directly into an information lifecycle program. Learn about machine learning classification, consent validation, uncovering dark data and many more intricacies of implementing a privacy framework as part of your Information Governance roadmap.

Presenters

Miguel Mairlot, Ethikos Law Firm, Brussels

Miguel Mairlot is a trusted compliance expert, with significant breadth of experience across Europe. He provides clients with advice and support on all aspects of their compliance program. His areas of expertise include Asset Management, Wealth and Insurance businesses to cover cross-border regulatory issues, risk management, contractual documentation and product development, advising and influencing senior stakeholders at executive committee level, enabling them to meet their responsibilities across a range of group policies and local requirements, including MiFID II, GDPR, AML, ABC and Sanctions. Before Ethikos, Miguel has worked for prestigious international law firms and financial institutions as Head of Compliance. Miguel speaks English, French, Dutch and is a Certified Compliance Officer (Febelfin Academy) since 2013 and a Data Protection Officer. He has written and spoken widely on compliance and financial law topics and teaches at the Cooremans Institute. He also serves on the Editorial Board of “la Revue de Droit Bancaire et Financier”.

Posted in: , ,
No comments