The General Data Protection Regulation (GDPR) is one of the strongest security and privacy frameworks in operation in the world. Of this regulation, Article 32 stands out among its numerous guidelines as it deals explicitly with the “security of processing” of personal data.

This piece aims to demystify GDPR Article 32, breaking down its requirements and their implications for businesses of all sizes. Whether you’re a business owner, a data protection officer, or a GDPR enthusiast, this article will provide the insights you need to grasp and implement the crucial aspects of Article 32.

Read More

GDPR governs data privacy in the EU, and organizations on both sides of the Atlantic are grappling with its intricacies. 

However, understanding the ins and outs of GDPR, particularly its provisions around international data transfers, can take time and effort. To further complicate matters, the Schrems II decision invalidated the EU-US Privacy Shield Framework and prompted an ongoing reassessment of some of these transfer mechanisms. 

In this article, we will delve into the GDPR’s data transfer mechanisms and discuss the implications of the Schrems II decision.

Read More

GDPR certification is quickly becoming a topic of concern for enterprise businesses worldwide. With news of Meta’s record-breaking $1.3B fine from the European Union, companies are learning that data privacy and compliance in the EU is no joke. This article will dig into GDPR to discuss how organizations can approach their security and privacy with best practices. We also discuss the challenge of finding certification bodies and the emergence of a new standard–Europrivacy–that promises to streamline that process. 

Read More