Services
Services
SOC & Attestations
SOC & Attestations
Payment Card Assessments
Payment Card Assessments
ISO Certifications
ISO Certifications
Privacy Assessments
Privacy Assessments
Federal Assessments
Federal Assessments
Healthcare Assessments
Healthcare Assessments
Penetration Testing
Penetration Testing
Cybersecurity Assessments
Cybersecurity Assessments
Crypto and Digital Trust
Crypto and Digital Trust
Schellman Training
Schellman Training
Industry Solutions
Industry Solutions
Cloud Computing & Data Centers
Cloud Computing & Data Centers
Financial Services & Fintech
Financial Services & Fintech
Healthcare
Healthcare
Payment Card Processing
Payment Card Processing
US Government
US Government
Learning Center
Learning Center
Articles
Articles
Whitepapers
Whitepapers
Case Studies
Case Studies
Events & Live Webinars
Events & Live Webinars
On-Demand Webinars
On-Demand Webinars
About Us
About Us
Leadership Team
Leadership Team
Careers
Careers
Corporate Social Responsibility
Corporate Social Responsibility

Blog

The Schellman Blog

Stay up to date with the latest compliance news from the Schellman blog.

CHRIS LIPPERT

Chris Lippert is a Senior Manager and Privacy Technical Lead with Schellman and is based in Atlanta, GA. With more than 10 years of experience in information assurance across numerous industries, regulations, and frameworks, Chris developed a passion for and concentration in data privacy. He is an active member of the International Association of Privacy Professionals (IAPP), holds his Fellow of Information Privacy (FIP) designation, and advocates for privacy by design and the adequate protection of personal data in today’s business world.

Blog Feature

Privacy | CPRA

By: CHRIS LIPPERT
December 15th, 2022

You’ve probably heard the classic idiom about “keeping up with the Joneses.” According to Miriam-Webster, it means “to show that one is as good as other people by getting what they have and doing what they do.” Generally, that’s usually meant people buying expensive cars or other things they can’t afford to try and maintain the same pace as their peers.

Blog Feature

Privacy

By: CHRIS LIPPERT
July 18th, 2018

Most privacy professionals thought it may take months, if not years, for US privacy laws to catch up to the EU but it looks like California decided to push up the timeline. Last month, the California Consumer Privacy Act of 2018 was passed by California legislature, expanding the definition of personal data and including more rights for California residents. The act includes a new scope to accompany the new requirements, applying to businesses meeting one or more specified criterion, whether they are located in the state of California or elsewhere. The IAPP has estimated that the new act will impact more than 500,000 businesses across the United States. You can read more about the study to determine the number of impacted businesses here.

Blog Feature

By: CHRIS LIPPERT
July 11th, 2018

Security Geeks and Privacy Peeps

Blog Feature

Events | Privacy | GDPR

By: CHRIS LIPPERT
June 1st, 2018

GDPR was the star of the show for the 2018 IAPP Global Privacy Summit. No surprise there. What was surprising was the range of content and speakers that were there. There were multiple data protection commissioners in the building, including Isabelle Falque-Pierrotin from France and Helen Dixon from Ireland, as well as the newly elected chair of the Article 29 Working Party, Andrea Jelinek from Austria. There were some sessions on understanding the basics of the GDPR, sessions on preparing your organization for the upcoming deadline, as well as some sessions speaking to the different consulting and attestation options available to help meet the Regulation. Everywhere you looked it was GDPR and this overwhelming feeling of “The End is Nigh!” There were even shirts given out at the Convention Center that substituted “GDPR” for “Winter” in the popular “Winter is Coming” line from HBO’s series Game of Thrones.

Blog Feature

By: CHRIS LIPPERT
February 14th, 2018

Here’s the big question: Is the General Data Protection Regulation (GDPR) a revolutionary regulation that introduces new concepts of security and privacy? The answer — yes and no. The GDPR does introduce new requirements that are specific to the European Union, but it does so while encapsulating them in a somewhat familiar structure. Although some of the requirements get into specifics with data subjects or specific processes, a number of them have an underlying security and privacy framework that can easily be distinguished.

Blog Feature

By: CHRIS LIPPERT
October 3rd, 2017

With the General Data Protection Regulation (GDPR) becoming effective May 25, 2018, organizations (or rather, organisations) seem to be stressing a bit. Most we speak with are asking, “where do we even start?” or “what is included as personal data under the GDPR?” It is safe to say that these are exactly the questions organizations should be asking, but to know where to start, organizations first need to understand how the GDPR applies to their organization within this new definition for personal data. Without first understanding what to look for, an organization cannot begin to perform data discovery and data mapping exercises, review data management practices and prepare the organization for compliance with the GDPR.

Blog Feature

By: CHRIS LIPPERT
July 18th, 2017

You most likely selected the link to this blog to discover one of two things: 1) how to effectively manage vendor requirements via SOC reports or 2) what the SOC 1/SOC 2 examination requirements are for vendor management. I don’t want to disappoint, so this article will provide you with some knowledge or at least some validation of your current thoughts on the matter.

Blog Feature

Privacy

By: CHRIS LIPPERT
October 27th, 2015

If you remember the film Pirates of the Caribbean: Dead Man’s Chest, the villain Davy Jones cuts his heart from his chest and locks it away, hiding it from the world and protecting it from the ravages of grief. Bit of a drastic action if you ask us, but we—like most people—can understand taking serious lengths to protect the things we care about. That includes information. In this day and age of the Internet, where so much of life takes place, it can be tough to safeguard such data, especially when malicious attackers are constantly seeking to steal it and take advantage.