Today’s Top Regulatory Compliance Issues, Challenges, Best Practices

Learn more about today’s top regulatory compliance issues, challenges, and best practices from Charles Denyer, one of the world’s foremost cybersecurity experts and keynote speakers.

Are you familiar with today’s regulatory compliance mandates – PCI DSS, HIPAA, GDPR, SOC 1/SOC 2/SOC 3 audits, and more – if not, then now’s the time to get up to speed!  Annual regulatory compliance commitments are costing businesses both time and money, and with no end in sight, businesses need to be better prepared in understanding, planning, and implementing ongoing compliance needs and commitments.

Today’s Top Regulatory Compliance Regulations, Standards, and Frameworks

Here’s the short list of what I call the heavyweights of regulatory compliance – the most commonly requested regulations, frameworks, and standards throughout North America:

  • Health Insurance Portability and Accountability Act (HIPAA)
  • General Data Protection Regulation (GDPR)
  • Payment Card Industry Data Security Standards (PCI DSS)
  • ISO 27001/27002
  • Federal Information Security Modernization Act (FISMA)
  • HITRUST
  • SOC 1/SOC 2/SOC 3 Reporting:

Bottom Line:

  • Businesses are being hit hard with a seemingly never-ending wave of regulatory compliance requirements.
  • Compliance is costing businesses both time and money – and lots of it.
  • Businesses need to be on the search for a competent, well-trained compliance officer.

Say Hell to the Biggest of them all – the GDPR

Speaking of compliance, one of the biggest, most monumental data privacy laws ever to hit the entire globe is the General Data Protection Regulation, simply known as the GDPR.  Sure, there’s an already laundry list of legislative rulings in place that have resulted in notable financial and operational burdens on businesses in the U.S. – HIPAA, Sarbanes-Oxley, PCI DSS, GLBA, and more – and GDPR now becomes yet another strict regulation in what’s becoming an increasingly long-line of compliance rulings.  GDPR compliance for U.S. companies has hit our shores, so it’s time to get serious about data privacy and security, and this has businesses worried.

Here’s the skinny for U.S. Businesses.  If you store, process, and/or transmit personal information for EU data subjects, then you have to be GDPR compliant, which means the following:

  • Allow customers to view, modify, and/or delete their personal information.
  • Provide notice of data breaches within 72 hours.
  • Make data policies transparent.
  • Put in place a Data Protection Officer (DPO) in some cases.
  • Follow the “privacy by design” principles.
  • Develop robust information security and operational policies, procedures, and processes.

An answer of yes, or even a slight hint or acknowledgement that your business may in fact support such activities relating to personal data of EU data subjects will ultimately require some form of compliance with the GDPR. 

Bottom Line:

  • The GDPR is impacting businesses in all corners of the globe, not just the EU.
  • If you store, process, and/or transmit personal information for EU data subjects, then you have to be GDPR compliant.
  • North American businesses are realizing that GDPR compliance is essential.

Want to Learn More and also Grow your Business?

Want to learn more about today’s growing regulator compliance laws, regulations, standards, and frameworks, and how cybersecurity can be your rock-solid competitive advantage for long-term growth and profits? Charles Denyer, one of the world’s leading cybersecurity specialists and a globally recognized cybersecurity keynote speaker, offers organizations a way to secure their information systems, while also creating immense value – and increased revenue generating opportunities from their clients.  How? By obtaining a competitive advantage through cybersecurity.  Book Charles as your next keynote speaker, and learn more about securing and growing your business today.

Keynote Topics

A Security First Marketing Approach

Changing Organizational Culture when it comes to Cybersecurity

The A to Z on Cybersecurity

Cyberterrorism & America’s Critical Infrastructure

Responding to a Cyber Attack

Understanding Today’s Growing Data Privacy & Regulatory Compliance Landscape

Can’t Have One Without the Other

Why InfoSec & Cybersecurity and Regulatory Compliance are Forever Hitched with One Another