PRIVACY + SECURITY BLOG

News, Developments, and Insights

high-tech technology background with eyes on computer display

Webinar – Trust: What CEOs and Boards Must Know About Privacy and AI Blog

In case you missed my recent webinar with Dominique Shelton-Leipzig (Mayer Brown), you can watch the replay here.  We had a great discussion about why privacy is an issue that the C-Suite and Board must address. Dominique is the author of a new book on this topic, Trust.: Responsible AI, Innovation, Privacy and Data Leadership.

The Sony Data Breach: 3 Painful Lessons

  by Daniel J. Solove The Sony data breach is an exclamation mark on a year that is already known as the” Year of the Data Breach.” This data breach is the kind that makes even the least squeamish avert their eyes and wince. There are at least three things that this breach can teach […]

The Best Preventative Medicine for Health Data Breaches

by Daniel J. Solove Last week, I gave a keynote address at a conference called Safeguarding Health Information: Building Assurance through HIPAA Security, sponsored by the National Institute of Standards and Technology (NIST) and the Department of Health and Human Services (HHS), Office for Civil Rights (OCR). I’d like to summarize my remarks here for […]

Why the C-Suite Should Have Coffee with the Privacy and Security Officers Every Week

  by Daniel J. Solove As I discussed in a previous post, the two key things that organizations can do to prevent data incidents can be summed up in a simple rhyme: The C-Suite must care The workforce must be aware In this post, I want to focus on the “C-Suite” – a term used […]

The 2 Essential Ways to Prevent Data Breaches

by Daniel J. Solove We’re in the midst of a crisis in data protection. Billions of passwords stolen. . . Mammoth data breaches. . . Increasing threats. . . Malicious hackers . . .

Waking Up the C-Suite to Privacy and Security Risks

by Daniel J. Solove I was recently interviewed in the Journal of AHIMA on how the C-suite is waking up to the new realities of privacy and data security risks. Before the HITECH Act in 2009, HIPAA enforcement was based on a cooperative model where HHS was not punitive in its approach. Now, big fines […]