First Reference company logo

Inside Internal Controls

News and discussion on implementing risk management

machine cogs image

collecting data

Learning the basics on GDPR’s right to be forgotten

To manage the Europe Union’s new GDPR properly, ethics and compliance officers need to consider many parts within their organization, from IT capabilities, exception clauses, and customer service demands. And these parts must be managed and organized in such a way that they work together so that they do not fall apart.


, , , , , , , , , , ,

The control of the personal data ecosystem belongs to the individual

A recent release from the Information and Privacy Commissioner of Ontario on the Personal Data Ecosystem praises organizations taking initiatives to integrate the socio-economic benefits of personal information while maintaining privacy and confidentiality. The Commissioner, Dr. Cavoukian, also co-authored a paper with researchers from the United States and the United Kingdom that delineates the systems […]


, , , , , , , , , , , , , , , ,

Destruction of information – do you know your obligations?

Here’s something you might want to know about: the Federal Government has introduced a law to impose stricter obligations with respect to information and security breaches.


, , , , , , , , , , , , , ,