We’ve likely all been there, right? You’ve just bought a new computer or phone, made certain it was installed correctly, following every bit of instruction down to the...
i-SIGMA Newsroom
The SEC recently announced that it adopted rules requiring public companies to disclose material cybersecurity incidents they experience and to disclose on an annual basis material information regarding...
Running a business can be a daunting task, especially when it comes to ensuring compliance with various regulations and laws. Compliance is important not only for legal and...
Earlier this year, i-SIGMA hosted a webinar by guest presenter Daniel Risen, an Employee Benefits Advisor and Business Development Executive for OneDigital. Daniel shared with Members how to...
By now, most readers have most likely heard of the Morgan Stanley Data Breach incident. The latest $35M fine from the SEC, on top of the $128.2M Morgan...
The title of this blog may seem odd coming from a person who has spent the last 22 years promoting service provider certification. Please bear with me. As...
First of all, it is important to remember that i-SIGMA is a non-profit trade association with a mission to improve market conditions for all its members, and the...
Quebec’s Bill 64 was passed unanimously, becoming the most recent example of the continued conveyor belt of regulations inspired by the EU General Data Protection Directive that focuses...
The eagerly awaited i-SIGMA Compliance Monitoring Service has arrived. Starting immediately, many service providers will use it, and soon clients around the world will begin seeing promotions encouraging...
(This blog is provided for perspective only and not to be taken as legal advice) As I often remind service providers, though i-SIGMA certifications (NAID AAA/PRISM Privacy+) require...
To keep i-SIGMA certifications (NAID AAA and PRISM Privacy+) relevant, they must reflect and validate service providers’ regulatory requirements. As I have often written, that is one of...
This is the second blog of a two-part series. The first installment provided a perspective on the relative differences in NAID AAA Certification and NIST 800-88 and its...
This blog will be presented in two parts. In this first installment, I will provide a perspective on the relative differences in NAID AAA Certification and NIST 800-88 and...
It’s happened to many data destruction service providers and to those it hasn’t happened yet, it will at some point. It looks like this: You have been destroying...
Most readers will immediately associate the title of this blog with the U.S. Homeland Security campaign to enlist the public in their efforts to expose potential risks. The...
For all the bad things about the pandemic shutdown, one thing is certain; it has forced you to reduce your operations down to the basics. You had no...
First, I would like to commend Morgan Stanley. They somehow learned IT assets disposed of four years ago may not have been properly wiped by the vendor they...
Things are tough. It’s perfectly understandable that you, your staff, and your customers are unsettled. It’s going to be that way for a while. As it stands, there’s...
In March, i-SIGMA announced changes to PRISM Privacy+ Certification making it not only more affordable but also a much stronger sales tool. March is also when COVID-19 made...
By: Tom Dumez, CHP, CSCS With my many years of involvement with PRISM and so many relationships that have been formed over the years, I am asked by...
Early Monday morning an email from the Compliance Officer (CO) of a large client organization has been received by the Operations Manager (OM). Not the ideal way to...
By Bob Johnson Over the past decades, NAID members have come to know me for trumpeting the latest data protection regulations and for expounding on their various threats...
In a previous PRISM International blog, there was a discussion related to RIM providers responding to issues of abandoned records within a record center. As a follow-up to...
Who pays the bill when the company declares bankruptcy? When a practitioner retires and/or meets an untimely death–who pays the RIM service invoice? What about the outstanding invoices...
With the availability of the new i-SIGMA Contract Template, it’s time for a conversation. Contracts are a pain. Why make a big deal out of something about which most...
By Bob Johnson, NAID CEO In the span of 30 minutes of watching TV, there was a commercial promoting Angie’s List as a source of qualified service providers from...
By Bob Johnson, NAID CEO Let’s just say ABC Corporation hires a data destruction service because they are the lowest price. It does not take a lot to...
By Dr. Ross Federgreen, CSR CEO, CIPM, CIPP, European Privacy Association More than half of U.S. states today have enacted data protection laws and regulations, growing from just...
By Bob Johnson, NAID CEO Within weeks of the massive Target data breach last December, privacy and legal pundits began speculating about class action lawsuits that would result....
By Bob Johnson, NAID CEO In the upcoming edition of ITAK, the professional journal of the International Association of IT Asset Managers (IAITAM), I wrote an article with...
By Bob Johnson, NAID CEO In my last blog, I wrote about the strong-arm tactics being used by some HIPAA compliance consultants to coerce destruction providers into using...
By Bob Johnson, NAID CEO When the U.S. Federal Trade Commission (FTC) contacted NAID to help write the FACTA Final Disposal Rule, their main concern was what they...
By Bob Johnson, NAID CEO On Tuesday, I described how privacy and data security, though often thought of interchangeably, are two distinct and separate concepts. Today, I will...
By Bob Johnson, NAID CEO When I address an audience of privacy professionals, especially an international audience, I often point to the fact that the U.S. has the...
By Bob Johnson, NAID CEO One of the country’s most prominent and respected privacy experts, attorney Kirk Nahra, reported the HITECH Final Rule may be released soon, possibly...
By Tom Dumez, President of Prime Compliance The “Modifications to the HIPAA Privacy, Security, Enforcement, and Breach Notification Rules” Notice of Proposed Rulemaking (NPRM) was initially published in July 2010....
By Bob Johnson, NAID CEO In Boston this morning, a group of secure destruction professionals took the Certified Secure Destruction Specialist (CSDS) Examination. It was the second such...
By Bob Johnson, NAID CEO In 2006, the five largest credit card companies formed the Payment Card Industry (PCI) Security Standards Council as a self-policing data security initiative designed to...
By Bob Johnson, NAID CEO From any perspective, the NAID AAA Certification Program has been an amazing success. The program will soon certify its 1,000th member location. Also, hundreds...
By Bob Johnson, NAID CEO In my blog next Tuesday, I will continue my pricing thread about why secure destruction professionals aren’t willing to do what’s necessary to...
By Bob Johnson, NAID CEO It is illegal to select a data destruction service provider on price alone. So what qualifications should you use to select a vendor?...