The Privacy Act (1993, updated 2020) In June 2020, New Zealand’s parliament passed the country’s Privacy Bill, which will update the country’s data protection practices for the first time in more than a generation. The bill, which replaces the 1993 Privacy Act, includes GDPR-like measures such as data breach reporting requirements and increased fines for […]
What is CMMC? The theft of Intellectual Property (IP) and Personally Identifiable Information (PII) from all commercial industry sectors is a threat to the global economy and national security. Cyber attacks cost the US economy alone between $50 billion and $100 billion per year. Global estimates are $600 billion USD. The US DoD & Military […]
What is Japan’s APPI? The Act on the Protection of Personal Information (APPI), which is one of the first data regulations in Asia, was updated in May 2017 after a series of data breaches took place in Japan. The change in legislation happened a year ahead of EU GDPR, and both Japan and the European […]
What is Canada’s PIPEDA? Canada has always been one of the pioneers of data protection. It enacted the PIPEDA in 2000 and strengthened it with a new privacy act in 2015, the requirements of which inspired the GDPR and came into force in 2018. The law applies only to Canadian organizations from the private sector, who […]
What is the Nevada Privacy Law? Nevada has marked itself as a pioneer by following in California’s footsteps and becoming the second state to approve new privacy laws aimed at protecting consumers’ information. The new legislation requires owners and operators of internet websites as well as online commercial providers to allow consumers the right to […]
On February 28th, 2019, the National Legislative Assembly approved the Thailand Personal Data Protection Act (PDPA) after almost twenty years in the making. The act will pass into law after it receives royal endorsement. The PDPA aims to govern data protection and will use GDPR as a blueprint, adapting some of the largest European articles to the Thai context.
In the last two decades, data breaches became a real threat to the people, and the Mexican authorities understood it well. The Federal Law on the Protection of Personal Data held by Private Parties, also called “the law”, was approved by the Mexican Congress and came into effect on July 6, 2010. The new regulation applies to private individuals and legal entities who process data in Mexican territory and use means located in Mexico to process personal information.
In 2018, India approved the Data Protection Bill which proposes a legal framework to protect the autonomy of individuals regarding their personal information, and to specify the rights of individuals whose personal data are being processed and stored. The new regulation will be added to the existing laws in order to strengthen India’s position regarding data protection.
The “Australia Privacy principle” was voted into law in 1988 and is intended to protect the personal information of local residents. New regulations were added to it in 2017 in response to the numerous data breaches that took place in the region.
The legislation applies to private sector entities with an annual turnover of at least AU$3 million, and all Commonwealth Government and Australian Capital Territory Government agencies. Organizations from various sectors such as insurance, telecom and healthcare are all subject to the law and can face serious penalties if they do not respect it.
The Data Privacy Act was approved in 2012 and provides a framework for regulating the processing and storage of particularly personal and sensitive data in the Philippines.
Brazil has approved a new regulation on personal data protection, which will come into effect at the beginning of 2020. The Brazilian General Data Protection Law (LGPD) adds a new legal framework for the use of personal information both online and offline, in the private and public sectors.
The HIPAA act is a regulation designed to protect the privacy and security of individuals’ health information while encouraging companies to adopt new technologies to improve the quality and efficiency of patient care. SecuPi developed a solution that helps companies discover and improve the way they handle their customers’ sensitive health-related data by defining rules and providing access on a need-to-know basis.
The Payment Card Industry Data Security Standard (PCI DSS) is a set of security standards that apply to any organization that accepts, processes, stores and transmits credit card information.
Personally identifiable information (PII) is any type of information that, when combined with other relevant data, could help identify individuals in context. Due to the wealth of information provided by big data, there has been a significant rise in malicious activities, which has raised concerns over how companies handle the personal data of their customers. SecuPi created a platform that maximizes the protection of PII in high-risk applications. Companies deploy SecuPi to protect their customers’ sensitive data by ensuring that data is accessed on a need-to-know basis while protecting against careless and malicious abuse.
The SOX act of 2002 is a U.S. federal law that established requirements for all U.S. management, public accounting firms and company boards. SOX was created with the intent of protecting the general public and shareholders from accounting mistakes and malicious activities in enterprises, and of improving the accuracy of corporate announcements. SecuPi developed a technology enabling U.S. companies to easily meet the requirements of the SOX act and be compliant within a few days and with no development efforts.
The California Consumer Privacy Act (CCPA) is legislation imposed on Californian companies in order to protect consumers’ privacy. It regulates the way organizations collect and store consumers’ personal information. The CCPA goes into force on January 1, 2020 and will hold companies accountable for protecting their consumers’ data, focusing mainly on profiting from the sale of consumers’ personal information without their knowledge or consent.
SecuPi augments business applications with the capabilities for meeting GDPR requirements, including ‘Right to be forgotten’, ‘Data Minimization’, ‘Consent’ and ‘Records of Processing Activities’ without code changes and within days per application.