Spirion
27 Jan, 3 tweets, 1 min read
Q7 #CPRA seeks to protect a new class of personal information, known as “sensitive personal information.” What should #CISOs do to prepare for this new reality?
A7 CISOs should review the list of elements included in this new class, confer with the organization’s privacy leader, and determine what, if any, new controls need to be added. --Scott

More from @Spirion

27 Jan
Q6 What measures and best practices should organizations take to ensure their data security practices are legally adequate? #AskSpirion
A6 All (or nearly all) modern privacy laws require that organizations conduct a risk assessment in order to apply proper controls, both administrative and technical. (1)
A6 Those organizations should review their assessments to make sure they account for changes in the kind of personal data used and how it’s being used. (2) --Scott
27 Jan
Q5 More than half of all states have proposed data privacy legislation. What steps can organizations take to ensure they are building global privacy capabilities for the regulatory future? #AskSpirion
A5 First, organizations should conduct a privacy risk assessment. It’s critical to understand just what data qualifies as personal, both on the surface and as used in practice. Second, they need to understand where it’s stored and how it’s used and who has access to it. (1)
A5 Finally, they should review their set of controls, both administrative and technical, and determine what changes need to be made in order to mitigate any identified risks.
--Scott (2)
27 Jan
Q4 How does a #dataprivacy tool help me de-identify sensitive data so it can be safely stored and reused for analysis, monetization use with 3rd parties?
A4 Data privacy tools can remove elements of personal data that are unnecessary or duplicative while keeping elements that enable legitimate analysis, research, and monetization (1)
A4 De-identifying data in a way that keeps it usable for research is difficult. De-identified data can be combined with other sources (private/public) to re-identify the data. Be sure to consider outside sources that could impact privacy when using data for research. (2) --Aaron
27 Jan
Q3 How can organizations better guard against insider breaches? #askspirion
A3 (1) The key to minimizing insider breaches is to conduct an inventory of the personal information that your organization has in its possession and eliminate everything that you don’t need or is otherwise duplicative.
A3 (2) From there, classifying that information according to sensitivity and placing controls on it such as DLP will serve to prevent it from leaving the network or cloud data store. --Scott
27 Jan
Q2 What can organizations do to better scale their data privacy and compliance programs to accommodate consumers' rights over their data – including the right to be forgotten? #AskSpirion
A2 Scaling implies a combination of compliance strategy, processes to implement that strategy, and controls to prevent anything from falling through the cracks. (1)
A2 One method I use is to conduct a thought experiment: what if we were to receive a million RtbF requests? How would we scale to accomplish that? --Scott (2)
