Compliance Matters Navigating the maze of regulatory compliance Once upon a time, being an IT professional was relatively simple – and not just in terms of the technology itself. Today it’s a maze of complexity on several levels. This new monthly blog post will delve into the compliance issues that are facing IT today and […]
If you ask a group of IT professionals what regulatory compliance is all about, at least some of them are likely to answer “security.” It’s the way we think, because security is a technological mechanism and we are, after all, techies. If you ask members of the legal department what compliance is all about, at
Read this post in French, German, Spanish, and Dutch. As the Data Protection Officer at MailChimp, it’s my responsibility to make sure that we’re prepared for—and compliant with—data privacy laws like the GDPR. A few weeks ago, our General Counsel wrote about the benefits of the GDPR and discussed the new tools that we’ve been
Updated Forms, Improved Subscriber Management, and More Read More »
GDPR (General Data Protection Regulation) is set to revolutionize how we process and store data in the digital age, with the aim of giving individuals more control of their personal data. Google Analytics will act as the data processor and your organization as the data controller since your organization is in control of what data
As an agency whose primary focus is building digital experiences, it makes sense that the 2016 rulings to roll out the General Data Protection Regulation (GDPR) would be a subject on which we need to be well-educated. We know first-hand that one of the main benefits of having a website is the ability to process
What You Need to Know About General Data Protection Regulation Read More »
A “people” perspective on GRC models It is no big secret that the “Three Lines of Defence” model underpinning many GRC practices in large firms is poorly understood and poorly applied at grass-root levels. Anecdotal evidence we observe in the field every day suggests that many organisations operate it in a variety of hybrid fashions
The “Three Lines of Defense” Model Only Works On Trust Read More »
No matter what type of business you have or where in the world you’re located, chances are that you’ve heard a lot lately about the EU’s new data privacy law, the GDPR. As General Counsel at MailChimp, a lot of my time over the last year has been spent preparing our business for this new
The keys to a successful second line of defence There are many risk management methodologies in existence but it is not uncommon to come across large firms still following today simplistic, dysfunctional or flawed practices, in particular around operational risk management. The main issue with many of those approaches is that they are plagued by
If your business is based in the European Union (EU) or you have customers or contacts in the EU, then you have probably heard of the General Data Protection Regulation (GDPR) by now. For those who haven’t, the GDPR is an EU privacy law that will take effect on May 25, 2018. It will regulate
In case you missed my first post, I am documenting our GDPR compliance journey, from where I sit as an in-house attorney working for an EU and International SaaS company. Get up to speed by reading my first diary entry. Take your mind back… It’s the end of May – one year before the new
