CCTV Outages and How to Report Them
We’ve likely all been there, right? You’ve just bought a new computer or phone, made certain it was installed correctly, following every bit of instruction down to the letter. And then, you let it be, hoping this new bit of technology is just as easy as it advertises on the box. And yet, there it […]
Read more »SEC Adopts Rules on Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure by Public Companies
The SEC recently announced that it adopted rules requiring public companies to disclose material cybersecurity incidents they experience and to disclose on an annual basis material information regarding their cybersecurity risk management, strategy, and governance. i-SIGMA CEO Nathan Campbell provides comment on the recently adopted rules. Dear i-SIGMA Members, I’m writing to inform you about […]
Read more »Efficiently Keeping Your Business in Compliance
Running a business can be a daunting task, especially when it comes to ensuring compliance with various regulations and laws. Compliance is important not only for legal and ethical reasons but also for the efficiency of your business. By partnering with an i-SIGMA Certified Company who has obtained either their NAID AAA or PRISM Privacy+ […]
Read more »Ask the Professionals About the Employee Retention Credit (ERC) (US companies)
Earlier this year, i-SIGMA hosted a webinar by guest presenter Daniel Risen, an Employee Benefits Advisor and Business Development Executive for OneDigital. Daniel shared with Members how to maximize the Cares Act Incentives via this webinar and a follow-up article in the iG Journal . You can access these here: Maximizing the Cares Act Incentives […]
Read more »Updates on the Morgan Stanley Data Breach
By now, most readers have most likely heard of the Morgan Stanley Data Breach incident. The latest $35M fine from the SEC, on top of the $128.2M Morgan Stanley has already shelled out, is due to the breach of personal data of 15 million customers appearing on hard drives at an auction where the data […]
Read more »Beyond Certification
The title of this blog may seem odd coming from a person who has spent the last 22 years promoting service provider certification. Please bear with me. As readers already know, the premise of Data Processor certifications has changed. Where once they simply provided a general reassurance that a reputable third party had signed off […]
Read more »If Certification is in Your Plans, Now is the Time!
First of all, it is important to remember that i-SIGMA is a non-profit trade association with a mission to improve market conditions for all its members, and the same was true of NAID and PRISM International before the merger. In its role as a member-owned organization, i-SIGMA provides a robust repertoire of member benefits, including […]
Read more »Data Subject Protections Continue to Drive New Privacy Laws
Quebec’s Bill 64 was passed unanimously becoming the most recent example of the continued conveyor belt of regulations inspired by the EU General Data Protection Directive that focuses on new Data Subject protections. Titled, “An Act to modernize legislative provisions as regards the protection of personal information”, the regulation was adopted unanimously, on the 21 […]
Read more »The i-SIGMA Compliance Monitoring Service Has Arrived
The eagerly awaited i-SIGMA Compliance Monitoring Service has arrived. Starting immediately, many service providers will use it, and soon clients around the world will begin seeing promotions encouraging them to use it too. And, if the underlying assumptions behind its creation are correct, they will eventually come to rely on it as a vital demonstration […]
Read more »Legal Marijuana Raises Drug Screening Questions and Risks
(This blog is provided for perspective only and not to be taken as legal advice) As I often remind service providers, though i-SIGMA certifications (NAID AAA/PRISM Privacy+) require drug screening prior to hiring, and either ongoing drug screening or training to recognize substance abuse, the certifications themselves do not prescribe how service providers respond to […]
Read more »