Protect your personal data with these top tips

CISO story: how to protect personal data

Figuring out how to build your systems to keep data secure is a tricky task and there is much to consider. Throughout my work as a CISO for over a decade, I have come across and helped implement different data security for banks, e-commerce, and as a consultant. I have put together this 10-step guide to help you get your data practices in shape and let you know about some of the finer points.

Alexey
AlexeySeptember 10, 2021
Discover PII in the cloud

How to discover personal data in cloud storage

Data loss prevention (DLP) tools are often employed to discover and monitor personal data in the cloud, but how effective and costly are they and how do you set one up?

Dimitri
DimitriSeptember 02, 2021
Brendon Lynch of Airbnb speaks to Soveren about privacy.

Privacy impact podcast: Episode 1 with Brendon Lynch

Guest: Brendon Lynch, Chief Privacy Officer at Airbnb (formerly at Microsoft). In this very first episode our host Doug Heintzman — veteran technologist and former IBM tech strategist — asks Brendon about his views on the various reasons companies need to worry about privacy and data protection. They discuss the impact of IoT, artificial intelligence, ecosystems, and changing customer expectations on an increasingly complex privacy landscape. Listen in to hear about privacy as a journey and what its first essential steps are.

Soveren
SoverenAugust 31, 2021
DSARs can come in all shapes and forms and from various channels

Trials and tribulations of recognising DSARs

DSARs can be tricky to recognise, but failing to do so could land you in hot water. A good set of policies and documents, adequate training, and an effective privacy tool are the crucial elements for managing DSARs.

Anselmo
AnselmoAugust 10, 2021
GDPR management software: ultimate guide

GDPR management software: ultimate guide

GDPR software can be a great tool that can cut much of your routine, manual compliance work down. But what is it for and do you even need it? Read this ultimate guide to find out what the ideal software should have and whether GDPR management software is the right choice for your organization.

Soveren
SoverenJuly 13, 2021
DPIA checklist

DPIA checklist

DPIA (Data Protection Impact Assessment) is an obligation under the GDPR for identifying and minimizing data protection risks in a project. A DPIA is a systematic and comprehensive analysis of any processing of data which is likely to result in high risk to individuals.

Soveren
SoverenJune 16, 2021
Learn the difference between data mapping and RoPA

GDPR data mapping and RoPA: what’s the difference?

Data mapping and record of processing activities (RoPA) are two concepts that are often misunderstood in data privacy. Sometimes it can be unclear whether you need to create a data map or record the processing activities, or whether the two are identical. Let’s understand the differences between the two and learn when to do which.

Soveren
SoverenJune 09, 2021
What GDPR management software should you be using?

GDPR Management Software for SMEs

Compliance with laws is a cost center for businesses the world over: big or small. With the introduction of data privacy legislation around the world, businesses and other organizations are being made to treat their customers and their data with more respect. This has come at a cost in terms of resources spent on compliance with laws such as the GDPR, and compliance has become a time sink for many companies. So what software is out there to free companies like yours from the privacy routine?

Soveren
SoverenJune 01, 2021
Privacy compliance program

Privacy compliance program

Privacy compliance is an ongoing concern for organizations across the globe. With data privacy regulation becoming more of a challenge as more legislation is adopted worldwide, the cost of compliance has increased substantially. This makes it necessary for companies to adopt and employ privacy compliance programs. Let’s take a look at why you need a privacy compliance program and how you can implement one.

Soveren
SoverenMay 27, 2021
Data mapping made simple with this guide

GDPR data mapping: ultimate guide

GDPR data mapping is a great way to start tracking data in your organization and to have a complete inventory of personal data. However, it can be a difficult task and you may not know where to even start. We have created an ultimate guide to mapping personal data in your organization to simplify the entire process and get you on the right track to being fully GDPR compliant.

Soveren
SoverenMay 17, 2021
Risk is a key factor to determining whether you need to carry out a DPIA.

DPIA: do I need to do one?

As part of the GDPR, many different new rules for businesses were introduced to change practices and protect consumer data. One of the rules obligates organizations to carry out risk assessments for their data practices. One of these is called a Data Protection Impact Assessment (DPIA). But what are these assessments and do you need to do one?

Soveren
SoverenMay 11, 2021
Holding a record of processing activities is mandatory under the GDPR.

RoPA: why you need one

RoPA stands for record of processing activities and is obligatory for certain organizations under Article 30 of the GDPR. Creating a RoPA for your organization may seem like a time-consuming and daunting task, but we are here to help and make it easier. Read this explainer article to find out how to complete a RoPA for your organization using Soveren’s free tool.

Soveren
SoverenApril 29, 2021
Specific activities require a DPIA

DPIA: what is it?

DPIA stands for data protection impact assessment. DPIA is the process of measuring and mitigating the risk factors involved in collecting, storing, and using personal data. Since personal data is sensitive to an individual's identity, organizations collecting this data need to be clear about their purposes for doing so and the privacy safeguards they have in place.

Soveren
SoverenApril 22, 2021
DSARs come in all shapes and forms

DSARs: how to deal with them

DSAR is a data subject access request: where an individual seeks to exercise their right to access information an organization stores on them. Upon receiving a DSAR from a person, your organization has a legal duty to respond to the request, provide a copy of the data collected, and explain how and why the data is being processed. Let’s outline how you can handle DSARs to comply with data privacy laws such as the GDPR.

Soveren
SoverenApril 13, 2021
DSAR template when completed

DSAR response template: how to use

DSARs are data subject access requests that your customers send you to learn about what data you collect and store on them. Responding to them with one calendar month is a requirement of the GDPR and can be challenging for many organizations. We have created a DSAR response template to help you streamline your DSAR workflow and speed up the whole process. Learn how to complete the template in this article.

Soveren
SoverenApril 06, 2021
Developments in US privacy laws

Privacy legislation in USA March 2021 update

With California streets ahead on privacy, it sometimes feels like the rest of the US is playing catch up. Virginia joined the party this month, passing its new legislation: Consumer Data Protection Act (CDPA). Is it just a matter of time before the other states join in, or will Federal law come in to eclipse everything? Let’s take a look at the privacy legislation developments in the US as they are right now.

Soveren
SoverenMarch 30, 2021
Learn how to complete your data map with our template explainer

GDPR data mapping template: how to complete

GDPR data mapping is a great step to help your organization visualize what data is stored where, why, and for how long. Creating a GDPR data map is a daunting task, so we have created a simple template to get you started.

Soveren
SoverenMarch 23, 2021
Have a granular overview of your personal data.

GDPR data mapping: getting granular

GDPR data mapping sounds easier and less time consuming than it actually is. Data privacy professionals looking to create a full inventory of the personal data their organization holds can have difficulty knowing where to start in GDPR data mapping. Once you have categorized your personal data, know where it is, why you have it, and how long you should retain personal data for, you can get granular with each data point and indicate what you use each piece of data for.

Soveren
SoverenMarch 16, 2021
Document consent and retention periods for a full record of your processing activities.

GDPR data mapping: documenting basis and retention

GDPR data mapping is a multifaceted task that can aid data protection staff in their work on a day-to-day basis. One important aspect of having a complete inventory is mapping all the personal data you hold, and documenting the legal basis as to why you handle people’s personal data. Added to that, you need to have policies in place which define the length of time you hold the data: the retention period. Let’s take a closer look at how to document the legal basis for processing and the retention periods for your GDPR data map.

Soveren
SoverenMarch 09, 2021
Learn what a DSAR is

DSAR: what is it?

DSAR stands for data subject access request. It is a legal mechanism whereby consumers can demand to access, amend, or erase their data which is held by companies, in accordance with data protection laws.

Soveren
SoverenMarch 02, 2021
Learn where data is for GDPR data mapping

GDPR data mapping: where is personal data held?

GDPR data mapping can seem like a daunting task, with personal data buried across all sorts of applications and databases. Having a clear inventory in the form of a data map which shows where data is not only helps locate data should a consumer ask for their data, but also helps you comply when asked to produce a GDPR Article 30 report by your data protection authority.

Soveren
SoverenFebruary 24, 2021
Learn how to start your data mapping journey

GDPR data mapping: where do I start?

GDPR data mapping can be a tricky exercise and it is difficult to know where to start. That is why we decided to create a series of articles to explain how you can map data, creating a data inventory for your organization. Read on to learn where you should start your data map process. (Spoiler: you need to define which categories of data you hold.)

Soveren
SoverenFebruary 15, 2021
Free data mapping template
Save time and effort by downloading Soveren’s free GDPR data mapping template.
Download now
Subscribe to our newsletterReceive the latest news, data privacy insights and updates
We will not share your email address. 
For more information, read our privacy policy.