News & Events
Stay on top of the changing information governance landscape with expertly written blogs and industry-driven webinars by Zasio experts. Our case studies show how we’ve served every industry from pharmaceutical to utilities.
Update on the EU-U.S. Data Privacy Framework
Since our previous post discussing plans for the European Union-U.S. Trans-Atlantic Data Privacy Framework, the United States has taken a significant step toward setting this new framework into action.
On Oct. 7, 2022, President Joe Biden signed an “Executive Order on Enhancing Safeguards for United States Signals Intelligence Activities,” which lays out steps the U.S. will take to implement its commitments under the new framework. It was the U.S.’s signals intelligence activities and a lack of adequate safeguards in place to protect personal data involved in such activities, after all, that led to the European Court of Justice’s decision to...
SEC: More than $1 billion in fines issued after companies fail to preserve electronic communications
WASHINGTON, D.C., — Several firms have agreed to pay millions in fines after the federal government reported they failed to maintain and preserve electronic communications.
In September, the Securities and Exchange Commission said it issued more than $1.1 billion in fines after several firms acknowledged they violated federal securities laws.
From January 2018 through September 2021, the firms’ employees routinely communicated about business matters using text messaging applications on their personal devices, the SEC reported in a news release. The government says the firms did not maintain or preserve the substantial majority of these off-channel communications, in violation of federal...
Zasio Represented at Health Sciences Records and Archives Association Conference in Manchester, England
I attended the HSRAA (Health Sciences Records and Archives Association) Conference in Manchester, England. The conference focused on life science records management processes, the establishment and management of GxP archives, and the lifecycle management of regulated records. Featured speakers presented on several relevant topics including conformance with industry self-regulatory organizational recordkeeping standards and regulatory requirements including GxP and the very recent and complex EU Medical Device Regulations (MDR & IVMDR).
The conference attendees, speakers, and city of Manchester were good to me. I met many new records management industry professionals and took the time to meet with several...
What is Privacy Anyway? A Brief Introduction for RIM Professionals
Privacy is a crucial part of records and information management.
Privacy, however, can be a puzzling topic to approach. Formal RIM texts frequently contain little privacy. And a RIM professional’s first experience many times involves jumping headlong into some involved issues, and without much exposure to the foundations. This can be like being handed a pair of scrubs and pulled into the operating room without completing a surgical residency, let alone medical school.
In the U.S., federal privacy laws are a potpourri of requirements that apply based on the market sector, type of entity, or type of data you’re involved...
What the Heck is Privacy, Anyway? Some Foundations on Privacy Law in the U.S.
Privacy is everywhere these days. And as RIM professionals, we must be aware of how privacy laws impact records and information management. But terms like ‘sectoral versus comprehensive regulatory approach,’ ‘cross contextual behavioral advertising,’ and many, different—and often convoluted—definitions of ‘personal data’ can make privacy a difficult topic to stay engaged in.
Thankfully, for RIM professionals, privacy doesn’t have to be overwhelming, and an introduction to—or review of—the basics can go a long way.
...
November Virtual Coffee with Zasio Consulting
Keeping records longer than needed for legal, regulatory, and business or operational needs exposes companies to significant risks and expenses, particularly in the age of privacy. Despite the threats, companies continue to fall behind in executing defensible dispositions successfully.
Disposition is a critical step in the records and information management lifecycle, and a challenge is creating the infrastructure and culture to do it defensibly. For this virtual coffee, our discussion will focus on pre-submitted and participant questions guided by the following defensible disposition in RIM/IG components:
- Policies, procedures, and other infrastructure
- Records retention schedules and their implementation
- Fostering a culture...
Legal Research and RIM – A Primer on Methodology
Ever wondered how long a company’s balance sheets have to be kept for tax purposes in Switzerland, or whether sharing personal data with third parties is restricted in Brazil? Maybe your first question is, “Where and how would I even look for those requirements?”
In the world of records and information management (RIM), legal research plays a critical role by providing the foundation for a solidly defensible records management program. Legal research ensures that statutory and regulatory recordkeeping obligations have been considered and accounted for, particularly within record retention schedules.
Although legal research can be simply defined—identifying and retrieving the...
American Data Privacy and Protection Act (ADPPA) Basics & Why It’s Significant
A comprehensive federal data privacy law in the United States has never been closer to reality. Even with bipartisan and bicameral support, it still has many obstacles to overcome to get through Congress. The most recent hurdle was making it out of the House Committee on Energy and Commerce, which sent the bill to the full House for consideration after numerous compromises led to a 53-2 vote to advance. The following is a big picture overview of the ADPPA in its current form.
Who Supports/Opposes it, and What are the Major Points of Contention?
Proponents of the bill cite the...
In Defense of Destruction
A few years ago, I attended a discussion hosted by a federal regulatory agency. At the time, I was a litigation associate at a large international law firm, forehead-deep in discovery, preservation, and production for an expansive government investigation. During the discussion, a government attorney floated the idea that, with advances in technology and the government’s increased familiarity with electronically stored information (“ESI”), the agency someday might just ask companies to hand over all ESI falling within an investigation’s parameters. The agency’s attorneys could then simply sift through the trove of information, and they could determine what was relevant (and not privileged). The remark...
California Privacy Rights Act (CPRA) Prep Workshop
The California Privacy Rights Act (“CPRA”) compliance deadline is fast approaching. Is your house in order? Don’t let the CPRA’s January 1, 2023, implementation date or the July 1, 2023, enforcement date sneak up on you! If you’re like many of our clients, you’ve heard a lot about the passage of the CPRA. You may have also heard about the CPRA’s new draft regulations approved in June by the new California Privacy Protection Agency (“CPPA”). These regulations are poised to significantly expand and codify privacy rights and procedures for a wide range of businesses that handle the personal data of...
ZConnect
Stay up-to-date with Zasio
News and events
Product releases and updates
Conference and event announcements
"*" indicates required fields
Quick Links
Corporate Office
401 W. Front St.
Suite 305
Boise, ID 83702
(800) 513-1000
connect@zasio.com
A pioneer in information governance, we continue to expand our technology and consulting services to help businesses of all sizes maintain the highest records management and retention standards.