On March 24, Utah’s Governor Spencer Cox signed the Utah Consumer Privacy Act (Utah Law) into law, making it the fourth state privacy law enacted in the United States. The Utah regulation joins the California Consumer Privacy Act (CCPA), which was amended by the California Privacy Rights Act of 2020 (CPRA), Virginia Consumer Data Protection Act (Virginia Law), and the Colorado Privacy Act (Colorado Law).
March 22, 2022 , Virtual event
February 10, 2022, Virtual event
Riyadh, Saudi Arabia, February 1-3, 2022
AWE USA 2021, November 11, 2021, San Francisco, CA
When legal counsel acts as the steward and initiates a policy program, your enterprise will gain online integrity and increased chances for reaching its overall strategic plan.
The severity and damage can vary, but some kind of breach is inevitable. When that happens, you won’t have time to figure out what to do. You need an action plan that can be implemented immediately, covering everything from how you stop an attack to how you notify customers whose information may have been compromised.
Like the varying clerks in the times of the Book of Kells, with the right knowledge, your content can be clear and sound regardless of time and circumstance. Something to be admired and emulated for years to come.
For all sorts of reasons -- some of them justified, some not -- IT has earned a reputation as the place where good ideas go to die. It's time to change that thinking!
Redesigning the structure of the IT organization and the role it plays in the company is a huge job, and not something you can do on your own (or even with your own leadership team)! You’ll need help from allies throughout the company.
Today’s CIO has a once-in-a-career opportunity to build an organization that can fulfill a very real need: that of in-house consultant. For many IT organizations, that won’t be easy, but no part of digital transformation is. For IT, it’s a complete change of mission, from one of control and gatekeeping to one of support and advice.
As organizations dive head-first into new technologies to avoid being victims of digital disruption, they’re taking on new risks that aren’t even on the radar of many auditors.
Before you jump in the deep end of the pool that is known as conversational AI, take the opportunity to consider the role of digital policies in keeping your enterprise protected while also reaping the rewards that the new channel provides.
The world has certainly changed for all of us in the past five months. While the largest casualty of the pandemic has been human lives and the negatively impacted health of many survivors, digital privacy is also at the top of that list.
Do you have a process for determining how (or even whether) you should respond to users on racial and social justice issues? Here's my advice for getting some digital policies and processes in place.
Consumers are paying attention to racial and other social justice issues now, and they’re demanding that brands do the same. Do you have your processes defined to address the issues correctly?
How do you create policies that act as guard rails, giving employees a high degree of freedom within a framework established to minimize the possibility of making a mistake?
When COVID-19 erupted into our lives, we had to adapt quickly, working from home despite what our digital policies might say about security and personal devices.
I urge IT professionals and digital policy stewards alike, to broaden the scope of discussions to include other situations that may require a change in digital policies such as changes in technology. And here is how to get started!
Natural disasters -- hurricanes, tornados, earthquakes, etc. -- disrupt “business as usual” for both you and your customers. One way to avoid disruptions is to create sound digital policies. Let's delve into the how and what to get this done!
Knowing that sooner or later, you will need to address a data breach within your organization, fear is not the answer. Proactively preparing yourself and bringing good people into the fold to create the right proactive and response team, is the right solution.
How many times do you hear that IT is slowing down the digital marketing process, focused so much on security that Marketing can’t be responsive to user needs? Or how many times does it seem like Marketing is not giving any thought to serious operational considerations, such as backups and disaster recovery?
Coronavirus means revenue loss for many organizations . But what positive impact, or opportunity, can your business realize amidst such a crisis? The answer is "significant," so long as you have the right policies in place.
No matter where your digital communications and marketing efforts are focused, you have users who have a disability. It only makes sense to include them and offer a way for them to access digital content.
What will you start/stop/keep doing in 2020 to best utilize your time in sharing and learning digital practices? I’ve sorted through my reflections and plans.
One way to surprise your users (in a bad way) is to pre-date content and hang up your "out of office for the rest of the year" sign.
The leadership must be committed to investing the necessary resources of time, money, human resources, and, in some cases, technology. So how do you get your management on board with digital policy aspirations?
Digital Experience Summit, Monday, November 04, 2019, Chicago, IL
“The views are my own and don't reflect those of my employer." is not a bulletproof statement. The views of the employee might not be those of the organization, but the employee is part of the organization, and what is said in social media reflects directly back on the organization.
We have to demand more of our leaders, and that starts with demanding more of our candidates. Their websites are about a decade behind basic digital security and privacy standards.
MarTech Workshop, Monday, September 16, 2019 @ the Hynes Convention Center, Boston, MA
FaceApp, the mobile app introduced in 2017 and suddenly experiencing a revival in social media, might offer a few minutes of fun. But the impact on your personal privacy will be forever.
You know that your organization needs a digital policy program in order to support tangible, business objectives. But getting your stakeholders to buy into digital policies can feel a lot like getting toddlers to eat spinach.
While I certainly don’t think it’s necessary for you to learn about things like processors and RAM, I do think it’s important to understand how the internet affects our lives both personally and as a society. Here is a resource to steer you in the right direction.
Agile2019, Washington, DC, August 5-9, 2019
Comprehensive digital policies and practices ensure that a business complies with regulations. Counterintuitively, they also help the bottom line, unlock opportunity and streamline operations.
This is the time for companies to institutionalize (create, codify, train, hold accountable) smart and sound digital policies and practices in order to reduce digital risk and capitalize on the opportunities.
No need to fear yet another data privacy regulation! Learn the differences between GDPR and CCPA to plan and keep yourself above the fray appropriately.
Smashing Conference, June 25-26, 2019 Toronto, Canada
It would be nice if we could create laws before the situations they address present themselves, but the law rarely works that way. Here is how to provide digital policy guidance in an ever-changing landscape
IoT Evolution 2019, January 29 - February 1, 2019 in Fort Lauderdale, Florida
KM Showcase - Beyond the Theory, April 4-5, 2019, Arlington, VA
Digital Experience Conference 2019 - Renaissance Washington DC, Washington, DC (April 29-30, 2019)
If you’re responsible for digital governance at your organization, pay close attention to case studies of companies like Nike and Intel to learn how digital policies can be used to support, encourage, and inspire digital workers
April 14-16, 2019 Washington D.C.
IoT and digital are cool, but companies such as car manufacturers can’t move fast enough to take full advantage of it.
It’s not business as usual! The rise in data protection laws is impacting your digital marketing and online operations.
Katie Quinn, the wife of Lewiston, CA's fire chief used social media to provide key information and a sense calm during the recent Carr Fire. Depending on your organizational culture, industry, and maturity, you should think twice before replicating such a governing model. Or if you do, you might want to reach out to Katie for some training!
DX Summit on November 12, 2018 in Chicago
What you need to know about the GDPR stance on automated decision-making
The 2018 World Technology Conference took place in Seattle recently and I was lucky enough to attend this mind meld event. Read on for observations and highlights.
Is your company US-based and assuming that GDPR doesn't have an impact since you don't have offices in the EU? Wrong!
Global Compliance and Integrity, Thursday, May 17, 2018 9:30am to 11:00am Session 1: Global Challenges; Global Compliance
Regardless of the ongoing tax legislative discussions outcome, one thing is certain – we will continue to pay taxes. All of the digital capabilities required to make our lives easier are available today. While it is too late to impact 2017 taxes, 2018 and beyond is open for improvements. Let’s start applying data and technology to create a better tax game.
Does your digital workplace offer integrity and productivity? Join me for this workshop and learn best practices for your enterprise.
When GDPR goes into effect May 25, 2018, will your organization be able to comply with how the data is obtained, managed, processed, and disposed of under the regulation?
How are you doing when it comes to producing consistently high-quality content in a complex multi-site, multi-language and multi-channel digital presences?
Listen up marketers! If you have not heard of the GDPR or if you assumed that you’re in the clear because you’re in the U.S. rather than the EU, here is what you need to know.
Use this list to determine which digital policies you choose to create and adopt depend on variables particular to your organization.
What can your organization do to guide employees into correctly balancing their rights to free speech and personal use of social media, while also protecting the brand and reputation of your company?
Here is how you incorporate existing standards into your own set for organizational use.
All eyes have been on GDPR, but there is more to digital integrity and online risk coming our way. Pay attention to the proverbial forest as well as the trees.
There are no perfect sets of standards, but you can come close with these tips.
Policies are a two-pronged opportunity for layers: Protecting clients from dangers and generating revenue in the process.
Don't re-create policies and silo digital requirements. Instead, extend organizational policies to include digital.
Nothing! As long as you use them in the right way. Here is how.
In using online services and products, users give up aspects of their privacy, and that seems to be acceptable up to a point. But how do you know you are not crossing that line?
I recently attended two conferences, the DX Summit and Gilbane, and share my key takeway on a shift in digital.
What is the difference between a good and a bad standard? It's contents of course!
No matter how thoughtful and well-intentioned your policy ideas are, you’re not going to be on the front lines of putting them into practice. Developers and designers will, which is why they can play the indispensable role of telling you what’s possible and what isn’t.
To remain competitive in today’s market and continue to exist in the face of increasing digital and business disruption your legacy digital processes and operational models must be updated. Here's what to consider.
Quality tools are not inherently bad or a poor investment, but you need to understand their capabilities and the value they will add to the organization.
The EU’s General Data Protection Regulation (GDPR) has been gaining a lot of attention lately, as the law’s effective date (May 25, 2018) looms closer. Is your university ready?
Short of GDPR Resources? Join the club, but consider these steps towards compliance.
Customers want to know that they can trust your content and what is behind it - that it says what it means, that it's consistent, that it's accurate, and that you stand by it.
As you face the big countdown clock to May 2018, think about the type of digital policy organization that you want to be and determine how you want to position yourself to address GDPR, as well as future post-GDPR regulations.
There’s a lot more to creating digital policy than coming up with a list of rules.
There are many times when a standard operating procedure is appropriate. Here is how to determine when you should create yours.
A review of key questions to ask and determine whether you are dealing with personally identifiable information (PII).
The costs relating to any digital risk can be material, and most organizations do not calculate the risk of such exposure. It is the job of the CFO to ensure that the business appropriately reflects those risks in the 10-Q and 10-K filings.
How can you ensure that your organization is protected and prepared when (not if!) an audit occurs?
Creating thorough digital policies is critical to capitalizing on the opportunities presented by the digital age.
Once you have identified who in your organizations should be tasked with establishing digital policy, it is time to assign official duties. I have provided a good list to get you started.
Deciding exactly how many standards authors you should have, and how many is too many, is exactly what we tease out during digital governance framework definition efforts.
Creating and maintaining digital policies is, by nature, a team endeavor. But you also need someone to lead the team.
A good digital policy repository will enable digital workers to self-service to guidance, and you will have a higher rate of compliance.
Security and data breach. Branding. Trademarks and copyrights. Social media usage. Search engine optimization. Digital marketing content ownership. Who in your organization is thinking about these issues hollistically?
Organizations have historically relied on IT for technical systems execution and, with the rise of websites and associated digital operations, that norm continued. So why can't IT own digital policies?
If you have an online presence, you have an online risk. And it extends way beyond publishing a blog post with an embarrassing spelling error.
Writing 10-15 pages of guidance in legalese and saving a PDF version to your Intranet is not the way to go about writing good digital policy. Here is what it really takes, and it's easy!
Stand up a functional policy program to align your organization to individual accountabilities for digital. In doing so, you can stop your organization from failing and begin to celebrate online integrity of your digital operations.
Use the WanaCrypt opportunity to re-examine your approach to digital policy as well as the roles of those invested in your digital.
It is not a question of if a data breach will threaten your small business, but when.
A primer on how to get started with digital policy development.
Data security and data breaches are a big deal. Get the list of countries that have legal requirements for notification.
Today business users and digital marketers challenge their organization’s online integrity in many ways. Lawyers can help avoid the legal and regulatory landmines that pose a threat.
There is more to standards than writing down guidance. Here's what it takes to get them adopted and used.
Legal counsel should be a meaningful partner in ensuring that digital is delivered with integrity, but most in most businesses this is not the case.
How can your organizations set itself apart in a world of diminishing online privacy?
Many U.S.-based companies extend their service and product reach into Canada with the assumption that our northern neighbors have the same regulatory and legal requirements. Unfortunately, this is not the case.