Close

Beyond Certification

The title of this blog may seem odd coming from a person who has spent the last 22 years promoting service provider certification. Please bear with me. As readers already know, the premise of Data Processor certifications has changed. Where once they simply provided a general reassurance that a reputable third party had signed off […]

Read more »

If Certification is in Your Plans, Now is the Time!

First of all, it is important to remember that i-SIGMA is a non-profit trade association with a mission to improve market conditions for all its members, and the same was true of NAID and PRISM International before the merger. In its role as a member-owned organization, i-SIGMA provides a robust repertoire of member benefits, including […]

Read more »

Data Subject Protections Continue to Drive New Privacy Laws

Quebec’s Bill 64 was passed unanimously becoming the most recent example of the continued conveyor belt of regulations inspired by the EU General Data Protection Directive that focuses on new Data Subject protections. Titled, “An Act to modernize legislative provisions as regards the protection of personal information”, the regulation was adopted unanimously, on the 21 […]

Read more »

The i-SIGMA Compliance Monitoring Service Has Arrived

The eagerly awaited i-SIGMA Compliance Monitoring Service has arrived. Starting immediately, many service providers will use it, and soon clients around the world will begin seeing promotions encouraging them to use it too. And, if the underlying assumptions behind its creation are correct, they will eventually come to rely on it as a vital demonstration […]

Read more »

Legal Marijuana Raises Drug Screening Questions and Risks

(This blog is provided for perspective only and not to be taken as legal advice) As I often remind service providers, though i-SIGMA certifications (NAID AAA/PRISM Privacy+) require drug screening prior to hiring, and either ongoing drug screening or training to recognize substance abuse, the certifications themselves do not prescribe how service providers respond to […]

Read more »

Regulatory Changes Have the Potential to Enhance Client Engagement and Service Provider Profits

To keep i-SIGMA certifications (NAID AAA and PRISM Privacy+) relevant, they must reflect and validate service providers’ regulatory requirements. As I have often written, that is one of our biggest challenges, and it is the key to NAID AAA Certification and PRISM Privacy+ Certification maintaining their growing preeminence with clients internationally. For more than a […]

Read more »

How Does NAID AAA Certification Intersect With NIST 800-88? (Part 2)

This is the second blog of a two-part series. The first installment provided a perspective on the relative differences in NAID AAA Certification and NIST 800-88 and its overlap with physical media destruction requirements. This installment, addresses the implications of the same on electronic media erasure. Though reading Part 1 of this series is not […]

Read more »

How Does NAID AAA Certification Intersect With NIST 800-88? (Part 1)

This blog will be presented in two-parts. In this first installment, I will provide a perspective on the relative differences in NAID AAA Certification and NIST 800-88 and its overlap with physical media destruction requirements. In the next installment, I will do the same on the implications for electronic media erasure. I assume most readers […]

Read more »

What to do When Clients Misapply Specifications

It’s happened to many data destruction service providers and to those it hasn’t happened yet, it will at some point. It looks like this: You have been destroying media for a client for many years, when they ask whether you comply to a certain specification or standard. (Usually someone else in the firm is bringing […]

Read more »

See Something, Say Something

Most readers will immediately associate the title of this blog with the U.S. Homeland Security campaign to enlist the public in their efforts to expose potential risks. The logic, of course, is obvious; people who are out and about in their local communities and neighborhoods are the most likely to recognize bad actors and bad […]

Read more »