The General Data Protection Regulation (GDPR) has become the norm for data privacy in the European Union. What have we learned in the time since its been in effect? We asked 24 data privacy and compliance experts.

Learn about what the Electronic Healthcare Network Accreditation Commission, or EHNAC, is, its benefits, the accreditation process, and best practices in Data Protection 101, our series on the fundamentals of data security.

May's massive breach at First American Financial Corp. exposed 885 million records. Now the company is drawing the attention of regulators, curious if any laws were broken.

Nevada's new law, which will require website operators to honor opt-out procedures, goes into effect on October 1, three months before the CCPA's compliance deadline, January 1, 2020.

Brazil's GDPR-like data protection law, LGPD, owes a lot to the EU regulation but has several key differences that organizations that do business in the country should be familiar with.

Alabama is the latest state to adopt the Insurance Data Security Model Law, a legal framework that requires insurers to develop and implement an information security program among other security standards.

NIST has updated the Federal Information Processing Standard, or FIPS, to align with the international standard, ISO 19790, for the first time.

A new certification, launched by a division of the country's government this week, is designed to help organizations demonstrate "accountable and responsible data protection practices."

Learn about the new NYDFS Cybersecurity Regulation and its implications for financial institutions in Data Protection 101, our series on the fundamentals of information security.

A new survey says GDPR compliant companies are benefiting from their recent privacy investments - as a bonus, they may be less likely to be breached, too.

The French data protection authority said Monday that it has fined Google roughly $57M - the biggest penalty yet under the new law - for failing to acknowledge how its users' data is processed.

These nine steps can help can help organizations looking to achieve PCI Security compliance detect weak spots in their security systems and evolve in the face of challenges.

Learn about the Personal Information Protection and Electronic Documents Act (PIPEDA), what type of data it covers, and how to comply with the act's new data breach notification rules, in Data Protection 101, our series on the fundamentals of information security.

As the wave of data breaches continues to crash down on companies, let’s take a look back at some of the largest and most damaging data breaches on record. Read on for a historical walk through breaches over time as well as resources for preventing data breaches.

Learn about the California Consumer Privacy Act and its larger implications for the rest of the United States in Data Protection 101, our series on the fundamentals of information security.

We countdown 20 information security tips for payment processors in Data Protection 101, our series on the fundamentals of information security.

Learn about the Chief Risk Officer role in Data Protection 101, our series on the fundamentals of information security.

Learn about the Chief Compliance Officer role in Data Protection 101, our series on the fundamentals of information security.

The PCI Security Standards Council released a new tool Tuesday designed to help small merchants better protect their customers' payment card data.

California passed a sweeping data privacy bill on Thursday believed to be the strictest in the nation. The law will give consumers the ability to ask what data companies have on them and to sue over data breaches.