Preparing for GDPR Compliance: We Get by with a Little Help from Our (Law Firm) Friends

Are you prepared for the GDPR compliance? The General Data Protection Regulation goes into effect in less than a year, May 25, 2018. Don't worry, Maureen has gathered some of the most helpful GDPR resources published by law firms to help align your organization with GDPR compliance.

Some InfoSec Guidance for In-House and Outside Counsel: ACC Issues its “Model Information Protection and Security Controls”

Previously, we’ve explored the ever-increasing information security risks faced by law firms, which hold some of their clients’ most sensitive and confidential information. This week, one of the world’s largest and most respected law firms fell victim to a ransomware attack, shutting down its entire computer network system for several days. The Model Controls address thirteen areas of security measures which are designed to serve as a list of baseline security measures that corporate counsel may consider requiring its outside law firms to implement.

People, Process, and Technology: A Familiar Refrain, but Still Critically Important

One theme that emerged in many of the programs at the CLOC Corporate Legal Operations Institute is a tenet familiar to us at DiscoverReady: The importance of integrating "People, Process, and Technology" in the design and execution of a solution.

New Cybersecurity Regulations from the NYDFS – What do They Mean?

New, groundbreaking cybersecurity regulation promulgated by the New York Department of Financial Services requires organizations under its jurisdiction to establish and maintain cybersecurity programs. Unlike current federal law that allows substantial flexibility for institutions to implement reasonable security safeguards, the new NYDFS regulations dictate specific, prescriptive measures companies must take to detect, prevent and report cybersecurity threats. Who is covered and what is required?

Data Privacy & Information Governance Get Intimate

Data privacy and information governance get intimate in a recently-settled claim against the Canadian company We-Vibe. The lawsuit alleged that they violated customers' privacy by tracking the very intimate details surrounding usage of "adult sensual lifestyle products," which illustrates again the complexity and ramifications of data collecting, aggregation, and analytics in today's world. And what's particularly interesting is something we've discussed before on this blog, data context.