Thomas Yohannan's blog on the relationship between business and technology. Main areas of interest include cybersecurity, risk, law & finance.
Summary: The 72-hour breach reporting requirement will require coordination between people, process & technology for success in the EU and abroad. Article 33 of the
Summary: Data shredding should be one of the key components of an organisation’s plan for remaining GDPR compliant. Companies looking to skip GDPR compliance can
Summary: The transition from “opt-out” to “opt-in” consent will affect the close and delight states of the marketing lifecycle. GDPR’s “opt-in” clause to hit marketing
Summary: Privacy policies will become more simplified and transparent as organizations comply with the GDPR Articles 12, 13 & 14. Compliance with GDPR should start
Summary: When speaking about the GDPR, the EU-US Privacy Shield should only be used as a framework or tool as it is meant to focus
Summary: It is essential that all members of the ITSM team are provided with specific awareness, education and training in GDPR and its implication to