Privacy Compliance Blog

The latest privacy compliance news, issues, resources and expert advice to save you time and minimize time to compliance

General Privacy

New IAPP and TrustArc Report Reveals a Majority of Companies Are Embracing a Single Global Data Protection Strategy
By: Nymity

TrustArc, the leader in privacy compliance and data protection solutions, and the International Association of Privacy Professionals (IAPP), the world's largest global information privacy community, today announced the results of new benchmarking research that examines the current state of privacy operations.

TrustArc’s Nymity Awareness Tracker Enables Privacy Knowledge Across Entire Business
By: Nymity

TrustArc, the leading privacy automation and intelligence platform provider, today announces major updates to Nymity Awareness Tracker, the first compliance solution on the market to streamline contextual privacy awareness across an entire business.

REIMAGINING PRIVACY: TrustArc Acquires Nymity
By: Nymity

Today we’re pleased and proud to be announcing that Nymity, the company I founded almost 18 years ago, is joining forces with TrustArc Inc, a fellow pioneer in privacy solutions.

Brexit and Data Protection: What Happens in Case of a Deal?

By: Paul Breitbarth

Erlier today, the European Union and the United Kingdom reached agreement on a revised customs plan for Brexit.

Managing Data Breaches, Best Practices for an Accountability Approach

By: Paul Breitbarth

The CCPA, EU’s GDPR, Canada’s PIPEDA, Brazil’s General Data Protection Law, Australia’s notifiable data breach scheme are just a few examples of international data breach notification laws that have come into play in recent years.

New Report: Taking the Pulse of the Privacy Office

By: Nymity

There has been no rest for privacy professionals coming out of last year’s GDPR compliance activities. With California (CCPA) and other jurisdictions bringing in new and/or amended privacy legislation, putting increasing demands on the privacy office, it isn’t surprising that privacy professionals are feeling anxious.

Reporting to the Board on Privacy: Practical Advice from a Chief Privacy Officer

By: Nymity

Corporate directors and senior leaders take on a broad range of responsibilities when they join a company’s board. Privacy is increasingly becoming one of the issues board members are focusing on as part of their compliance and oversight obligations.

Nymity Launches Next Generation Solutions Enabling Organizations To Minimize Time To Compliance

By: Nymity

Nymity, Inc. announced the availability of its next generation of solutions built on Nymity’s integrated, research-driven, expert privacy platform, enabling organizations to minimize time to compliance with US, European and global privacy legislation.

GDPR, CCPA, LGPD, and more: Staying afloat in the sea of global privacy regulations

By: Teresa Troester-Falk

Aversion of this post originally appeared in CPO Magazine. The global privacy legislation landscape continues to be a complex sea to navigate. To date we have seen 117 omnibus laws (GDPR) and another 28 sectoral laws (CCPA) come into play.

Reporting Data Privacy Obligations to Your Board

By: Nymity

We get a lot of requests on how to report on data privacy obligations, especially as they gain more visibility with boards.

Welcome to Data Privacy Day

By: Nymity

Today is Data Privacy Day - an international effort held annually on January 28 to create awareness about the importance of respecting privacy, safeguarding data, and enabling trust.


By: Teresa Troester-Falk

I don’t think any of us will soon forget May 25th, 2018. The EU GDPR was the first law with global repercussions, and it required extensive organizational changes.

Data Retention Policies Demystified

By: Paul Breitbarth

At Nymity, we often get questions regarding the retention of personal data under various laws.

Making the Transition from Project to Program: How HID Global Complies with Multiple Privacy Laws

By: Jennie Hargrove

For multi-jurisdictional organisations, complying with the GDPR and other applicable laws, such as the upcoming CCPA, may seem daunting, but there is no time to waste.

How to Acquire Budget for Your Privacy Program

By: Ray Pathak

One of the most common questions we are asked is, “How do I make a business case to acquire budget for my privacy program?

From Privacy Project to Privacy Program: Learn How GM, Coca-Cola European Partners and Otter Products Leverage GDPR Initiatives to Comply with the CCPA and More

By: Teresa Troester-Falk

To comply with obligations under the GDPR (and the 700+ other global privacy laws), it is best to take an accountability approach.

An Accountability Approach to Data Subject Rights: Understanding and Protecting the Rights of Individuals Under Multiple Laws

By: Paul Breitbarth

Although they have been around for almost four decades, data subject rights have recently gained attention with the advent of the EU’s GDPR and California’s upcoming CCPA. Both laws award extensive rights to data subjects.

Demonstrating Compliance with Multiple Laws, from GDPR to CCPA

By: Teresa Troester-Falk

The dust has barely settled on GDPR preparation, and another big law is coming down the pipeline that will affect organisations established in the state of California or doing business there.

Part 2: How to Take an Accountability Approach to Compliance with Multiple Laws (GDPR, CCPA and 700 more!)

By: Teresa Troester-Falk

Some organisations have been treating the GDPR as if it were a one time project with an end date of May 25th.

Part 1: How to Take an Accountability Approach to Compliance with Multiple Laws (GDPR, CCPA and 700 more!)

By: Teresa Troester-Falk

With the advent of the GDPR and the overwhelming attention it received, the layperson may have assumed it was the first privacy law ever to be passed.

Accountability – It is more relevant than ever

By: Nymity

The discussion on accountability is heating up around the globe. On the edges of the recent IAPP Asia Forum in Singapore, the Center for Information Policy Leadership (CIPL) held a Workshop in collaboration with the Singapore Personal Data Protection Commission (PDPC) on “Implementing Accountability.” Nymity was pleased to participate in the workshop.

Demonstrating Compliance with both GDPR and CCPA

By: Paul Breitbarth

With the dust of the entry into application of the GDPR hardly settled, the data protection community is shaping up to deal with the next challenge: the California Consumer Privacy Act.

GDPR Breach Notification Is Here: What Now?

By: Paul Breitbarth

After years of anticipation, preparation, and countless hours of interpretation, the GDPR went into effect on May 25, 2018 and changed the data protection landscape for companies all around the world.

Nymity Privacy Management Accountability Framework™ at a Glance, Part 2

By: Nymity

As your organisation continues to implement technical and organisational measures for the purpose of providing evidence of GDPR compliance, the Nymity Privacy Management Accountability Framework™ can serve as a helpful tool.

Nymity Privacy Management Accountability Framework™ at a Glance, Part 1

By: Nymity

The Nymity Privacy Management Accountability Framework™ is an easy-to-read, menu-style visual tool that identifies operational and practical measures that, if implemented and maintained, may provide evidence of GDPR compliance.

How to Get Started and Demonstrate Compliance through an Accountability Approach: Part 3

By: Nymity

In today’s final installment of our three-part series on Accountability, we will be examining how taking an accountability approach to privacy management assists in demonstrating compliance.

How to Get Started and Demonstrate Compliance through an Accountability Approach: Part 2

By: Nymity

In Part 1 of this three-part series, we took a look at how the concept of Accountability has evolved over the years from simply achieving strict compliance with the laws, to being able to demonstrate compliance through a proactive approach to privacy management.

How to Get Started and Demonstrate Compliance through an Accountability Approach: A Three Part Series

By: Nymity

In 1980, the original OECD Guidelines introduced the accountability principle. Twenty-five years later, it was also addressed in the 2005 APEC Privacy Framework.