Tag: data privacy

Understanding How Data Privacy, Data Governance, and Data Security Differ

Michael Hoard Leave a comment

Ever wonder what’s the difference between data privacy, data governance and data security? All of these terms are frequently (and mistakenly) used interchangeably. They are indeed related, particularly when it comes to keeping data in the cloud protected, private and secure, but the definitions and mechanics of executing on each are all quite different.

Join us on March 30, 2022 for another SNIA Cloud Storage Technologies Initiative (CSTI) “15 Minutes in the Cloud” session for an overview of what each of these terms means, how and where they intersect, and why each one demands adequate attention or you risk threatening the overall security of your data.

Read More

A Q&A on Protecting Data from New COVID Threats

Alex McDonald Leave a comment

The SNIA Cloud Storage Technologies Initiative began 2021 discussing the topic that has been on everyone’s mind for the last year – COVID-19. But rather than talking about positive cases or vaccine availability, our experts, Eric Hibbard and Mounir Elmously, explored how COVID has increased cybersecurity concerns and impacted the way organizations must adapt their security practices in order to ensure data privacy and data protection. If you missed our live webcast “Data Privacy and Data Protection in the COIVD Era” it’s available on-demand.

As expected, the session raised several questions on how to mitigate the risks from increased social engineering and ransomware attacks and how to limit increased vulnerabilities from the flood of remote workers. Here are answers to the session’s questions from our experts.


Q: Do you have any recommendations for structuring a rapid response to an ongoing security threat?

Read More

How COVID has Changed Data Privacy and Data Protection

Alex McDonald Leave a comment

The COVID-19 Pandemic has amplified cybersecurity concerns particularly related to the cloud. Threat actors have recognized a unique opportunity to exploit pandemic-related vulnerabilities through social engineering attacks, business email compromise, work from home and other remote weak points. This results in increased risk and occurrence of ransomware attacks and data breaches that can disrupt or totally compromise organizations’ ability to conduct business. These security incidents can also subject victims to liability for violations of privacy and data breach notification laws.

The SNIA Cloud Storage Technologies Initiative (CSTI) will be taking on this important topic with a live webcast on January 20, 2021, “Data Privacy and Data Protection in the COVID Era” where our SNIA experts will discuss:

Read More

Q&A – The Impact of International Data Protection Laws on the Cloud

Alex McDonald Leave a comment

The impact of international data protection legislation on the cloud is complicated and constantly changing. In our recent SNIA Cloud Storage Webcast on this topic we did our best to cover some of the recent global data privacy and data protection regulations being enacted. If you missed the Webcast, I encourage you to watch it on-demand at your convenience. We answered questions during the live event, but as promised we’re providing more complete answers in this blog. If you have additional questions, please comment here and we’ll reply as soon as we can.

The law is complex, and neither SNIA, the authors nor the presenters of this presentation are lawyers. Nothing here or in the presentation should be construed as legal advice. For that you need the services of a qualified professional.

Q. What are your thoughts on Safe Harbour being considered invalid, and the potential for a Safe Harbour 2

A. Since 6 October 2015 when the European Court of Justice invalidated the European Commission’s Safe Harbour Decision, there’s been a lot written about Safe Harbour 2 in the press. But it was clear that a renegotiation was essential two years before that, when discussions for a replacement were started. Many think (and many hope!) that a new and valid agreement in terms of Europe’s Human Rights legislation will be settled between the US and Europe sometime in March 2016.

Q. Are EU Model Clauses still available to use instead of BCRs (Binding Corporate Rules)?

A. EU-US data transfers facilitated by the use of model clauses probably today fail to comply with EU law. But as there appears to be no substitute available, the advice appears to be – use them for now until the problem is fixed. Full guidance can be found on the EC website.

Q. What does imbalance mean relative to consent?

A. An example might help. You might be an employee and agree (the “consent”) to your data being used by your employer in ways that you might not have agreed to normally – perhaps because you feel you can’t refuse because you might lose your job or a promotion for example. That’s an imbalanced relationship, and the consent needs to be seen in that light, and the employer needs to demonstrate that there has been, and will be, no coercion to give consent.

Upcoming Webcast: The Impact of International Data Protection Legislation on the Cloud

Alex McDonald Leave a comment

Data Privacy vs. data protection has become a heated debate in businesses around the world as governments across the globe are proposing and enacting strong data privacy and data protection regulations. Join us on November 18th for our next Cloud Storage live Webcast “Data Privacy vs. Data Protection: The Impact of International Data Protection Legislation on the Cloud.”

Mandating frameworks that include noteworthy changes like defining a data breach to include data destruction, adding the right to be forgotten, mandating the practice of breach notifications, and many other new elements are literally changing the rules when it comes to data protection. The implications of this, and other proposed legislation, on how the cloud can be utilized for storing data are significant. Join this live Webcast to hear:

  • “Directives” vs. “regulation”
  • General data protection regulation summary
  • How personal data has been redefined
  • Substantial financial penalties for non-compliance
  • Impact on data protection in the cloud
  • How to prepare now for impending changes

Our experts, Bob Plumridge, SNIA Europe Board Member; Eric Hibbard, Chair SNIA Security TWG, and I will all be available to answer your questions during the event. I encourage you to register today for this timely discussion. We hope to see you on November 18th!