We Get Privacy

Escalating vendor cyber risk, tighter regulatory expectations and fast-moving AI-driven threats increasingly make checkbox diligence insufficient. In this episode, 360 Advanced’s Director of Compliance Strategy, Eric Ratcliffe, joins co-hosts Damon Silver and Joe Lazzarotti to discuss system and organizational control framework reports and how businesses can use them to address critical gaps and make vendor assessments.

As AI tools, workplace monitoring technologies, and data‑driven platforms expand, organizations face growing exposure from collecting, sharing, and retaining more data than they need for defined purposes. In this episode of We Get Privacy, Jackson Lewis Principals Joe Lazzarotti and Damon Silver, co‑leaders of the firm’s Privacy, AI, and Cybersecurity group, break down the data minimization principle and how organizations can use it to better manage data breach, class action litigation, and regulatory risk.

When an organization’s data systems are compromised, they face the daunting challenge of sorting through mountains of sensitive data under intense regulatory pressure. In this episode of We Get Privacy for Work, hosts Joe Lazzarotti and Damon Silver are joined by Matt Morocco, Director and Cyber Practice Lead at Consilio, to break down the real-world complexities of data mining after a breach. Together, they discuss why data mining is essential and how organizations can streamline the process for faster, smarter incident response. 

In the event of the disclosure of business trade secrets, organizations are often so overwhelmed that they overlook potential data breach notification requirements. The potential exposure of trade secrets is increasingly becoming intertwined with the release of legally protected personal information, and it is incumbent on organizations to thoroughly respond to incidents.

Oftentimes, organizations view training simply as another obligation; however, tailored and hands-on privacy and cybersecurity training are essential to safeguard data and ensure operations run smoothly in the event of a breach.  

Lured by the promise of better productivity and compliance with company policies, employee monitoring tools are gaining a lot of traction among employers. On this episode of We Get Privacy for work, we discuss the important privacy and legal implications that organizations must consider before implementing employee monitoring tools.

From timekeeping technologies to dash cams, the Illinois Biometric Information Privacy Act (BIPA) is now being used to challenge a number and variety of time-saving programs and tools. On this episode of We Get Privacy for work, we discuss the factors leading to the rise in BIPA cases.

Class action lawsuits in response to data breaches have skyrocketed as plaintiffs look to take advantage of courts’ perceived leniency regarding standing.

Written Information Security Programs, commonly referred to as WISPs, are critical plans to have in place – not only to efficiently and effectively respond to ransomware attacks and data breaches when they occur – but to maintain compliant privacy practices for your organization.

To say mergers and acquisitions present significant risk is an understatement; however, additional vulnerabilities are being exposed as bad actors threaten to exploit privacy and data security leaks during the transition.

Remote work has given employers and employees pathbreaking flexibility, but it has also raised a host of data and employee privacy concerns.

The widespread adoption of AI tools has the potential to increase efficiency in the workplace but can also create potential pitfalls if proper planning and processes are not in place. On this episode of We get Privacy for work, we discuss how leveraging the seemingly innocuous AI note taker function can present unintended consequences if unlimited access or unprofessional commentary are not kept in check.

Knowing what data your organization is collecting and from whom is critical to effectively respond to cybersecurity data breaches and prepare for future incidents. 

Many federal and state laws require companies to have reasonable cybersecurity safeguards in the event of a data breach, but do not specify what protections are actually required.

As states increasingly introduce legislative requirements for how companies respond to cybersecurity threats, it is more important now than ever for organizations to have a plan in place to address data breaches if and when they occur.

#WeGetPrivacy #DataPrivacy #Cybersecurity #Privacy #PrivacyComplianceWhether you’re a long-time listener or joining us for the first time, welcome to the new home of the We Get Privacy podcast. Please subscribe to the channel and share it with your colleagues as we continue the conversation about how to use data and technology to improve your business while avoiding expensive headaches like data breaches, class action lawsuits, and regulatory investigations.