VP of Compliance with extensive experience in the technology space with more than 25 years spanning disciplines in software development, IT support, program and project management and most recently IT Security and Compliance management.
Key areas of focus include: Information Technology, Internal Controls over financial reporting, Sarbanes-Oxley, PCI DSS, and HIPAA/HITECH compliance. Experienced in security training and awareness as part of corporate governance and regulatory compliance. ISACA Member & CISA Certified
The concept of privacy has evolved over the years. Looking back at recent history, privacy wasn’t really a big deal because only people who needed to know information about you were privy to your personal information. People like your doctor, your neighbor, your friends, your banker and others knew certain aspects about “you”. But times have certainly changed and as the data about us has evolved our digital signature has become a critical component of our lives and who has access to our personal information is a concern for everyone if they are to ensure their information is to be kept private.
Privacy by the common definition is “the ability of an individual or group to seclude themselves, or information about themselves, and thereby express themselves selectively. The boundaries and content of what is considered private differ among cultures and individuals, but share common themes.”
Protecting what’s “important” has risen to the top of the list of all security, regulatory, privacy and standards agendas because cybercriminals are stealing data at an alarming rate. We hit a record in 2016 in the number of records stolen globally [NBC news]. It is alarming that every agency across the globe wants to enforce privacy controls by means of updating or issuing new regulations and standards. US states are now enacting independent regulations to ensure adequate controls are in place to protect financial data. European Union has taken the US State Security Breach Notification Laws to the next level by enacting the new General Data Protection Regulation.
Cybercriminals are stealing data at an alarming rate. We hit a record in 2016 in the number of records stolen globally [NBC news]. Organizations across all industries must consider all threats and risks to data by simply adopting privacy best practices and implementing security controls. When we address privacy we need to consider privacy of the person, the communication, the information, the territory and the association to name a few. This simply means that we need to consider all data about all of us in all scenarios. Whew! This is all quite challenging but necessary in our continuous effort to protect data and ensure privacy is in place!!