Staying one step ahead by understanding compliance

Introduction to Data Security

Angeline Corvaglia

Founder & Digital Transformation Specialist

Legal vs mandatory regulatory requirements

Legal requirements

Mandated by law

icon legal scales to represent legal requirements

Mandatory regulatory requirements

Set by regulatory bodies

icon representing regulatory requirements

Data security compliance requirements

Safeguard people's personal information

Ensure that organizations handle data responsibly

Group them based on their focus

Data collection and processing
Data subject rights
Data protection

Core of data security icon

Data collection and processing

Lock, shield, and guards around a computer to represent care in data collection and processing

Data minimization: collecting the minimum data for a specific purpose
Purpose limitation: using data only for the purpose it was collected

Data subject rights

Icon with woman sitting on a lock to represent data subject rights

Right to access data a company has about them
Right to erase personal data from company databases

Data protection

Lock surrounded by various symbols of data protection

Data breach notification
Encryption (scrambling) of sensitive data

General Data Protection Regulation (GDPR)

Shield with GDPR written on it in front of images representing data breach notification and data subject rights

Protect EU citizens' personal data

Extensive rights over personal data

Access
Rectify
Erase
Restrict or contest processing

Sarbanes-Oxley Act (SOX)

Shield with SOX written on it in front of images representing financial reporting and internal controls

Prevent financial fraud and improve corporate accountability

Internal controls over financial reporting

Accurate
Reliable
Tested regularly
Evaluated regularly

Cybersecurity Information Sharing Act (CISA Act)

Shield with CISA Act written on it in front of images representing information sharing and data protection

Companies sharing information with the government

In good faith
Protected from liability
Collaboration between private and public

Organizations and individuals worldwide have become more aware of cybersecurity

Staying one step ahead in data security means knowing the law Icon of a man and various data security icons to represent a legal expert on data security

Generally, it depends on the

Nature of the data you handle
Where your customers are located
What industry you are in

Keep up to date

Here are some tips for proactive action:

Check the websites of relevant industry associations
Follow news sources
Attend data security conferences and webinars

Shield icon with a banner with data defender written on it

Let's practice!

Introduction to Data Security