<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=1977396509252409&amp;ev=PageView&amp;noscript=1">
Contact a Specialist
Industry Solutions
Industry Solutions
Cloud Computing & Data Centers
Cloud Computing & Data Centers
Financial Services & Fintech
Financial Services & Fintech
Healthcare
Healthcare
Payment Card Processing
Payment Card Processing
US Government
US Government
Learning Center
Learning Center
Articles
Articles
Whitepapers
Whitepapers
Case Studies
Case Studies
Events & Live Webinars
Events & Live Webinars
On-Demand Webinars
On-Demand Webinars
Compliance Reliance
Compliance Reliance
About Us
About Us
Leadership Team
Leadership Team
Careers
Careers
Corporate Social Responsibility
Corporate Social Responsibility

Blog

The Schellman Advantage Blog

Stay up to date with the latest compliance news from the Schellman Advantage blog.

CHRIS LIPPERT

Chris Lippert is a Senior Associate at Schellman and is based in Atlanta, GA. With more than 5 years of experience in information assurance, Chris has a concentration in SOC and privacy engagements. He is a member of the International Association of Privacy Professionals (IAPP) and advocates for privacy by design and the adequate protection of personal data in today’s business world.

Blog Feature

Privacy

By: CHRIS LIPPERT
July 18th, 2018

Most privacy professionals thought it may take months, if not years, for US privacy laws to catch up to the EU but it looks like California decided to push up the timeline. Last month, the California Consumer Privacy Act of 2018 was passed by California legislature, expanding the definition of personal data and including more rights for California residents. The act includes a new scope to accompany the new requirements, applying to businesses meeting one or more specified criterion, whether they are located in the state of California or elsewhere. The IAPP has estimated that the new act will impact more than 500,000 businesses across the United States. You can read more about the study to determine the number of impacted businesses here.

Blog Feature

By: CHRIS LIPPERT
July 11th, 2018

Security Geeks and Privacy Peeps

Blog Feature

Events | Privacy | GDPR

By: CHRIS LIPPERT
June 1st, 2018

GDPR was the star of the show for the 2018 IAPP Global Privacy Summit. No surprise there. What was surprising was the range of content and speakers that were there. There were multiple data protection commissioners in the building, including Isabelle Falque-Pierrotin from France and Helen Dixon from Ireland, as well as the newly elected chair of the Article 29 Working Party, Andrea Jelinek from Austria. There were some sessions on understanding the basics of the GDPR, sessions on preparing your organization for the upcoming deadline, as well as some sessions speaking to the different consulting and attestation options available to help meet the Regulation. Everywhere you looked it was GDPR and this overwhelming feeling of “The End is Nigh!” There were even shirts given out at the Convention Center that substituted “GDPR” for “Winter” in the popular “Winter is Coming” line from HBO’s series Game of Thrones.

Blog Feature

By: CHRIS LIPPERT
February 14th, 2018

Here’s the big question: Is the General Data Protection Regulation (GDPR) a revolutionary regulation that introduces new concepts of security and privacy? The answer — yes and no. The GDPR does introduce new requirements that are specific to the European Union, but it does so while encapsulating them in a somewhat familiar structure. Although some of the requirements get into specifics with data subjects or specific processes, a number of them have an underlying security and privacy framework that can easily be distinguished.

Blog Feature

By: CHRIS LIPPERT
October 3rd, 2017

With the General Data Protection Regulation (GDPR) becoming effective May 25, 2018, organizations (or rather, organisations) seem to be stressing a bit. Most we speak with are asking, “where do we even start?” or “what is included as personal data under the GDPR?” It is safe to say that these are exactly the questions organizations should be asking, but to know where to start, organizations first need to understand how the GDPR applies to their organization within this new definition for personal data. Without first understanding what to look for, an organization cannot begin to perform data discovery and data mapping exercises, review data management practices and prepare the organization for compliance with the GDPR.

Blog Feature

By: CHRIS LIPPERT
July 18th, 2017

You most likely selected the link to this blog to discover one of two things: 1) how to effectively manage vendor requirements via SOC reports or 2) what the SOC 1/SOC 2 examination requirements are for vendor management. I don’t want to disappoint, so this article will provide you with some knowledge or at least some validation of your current thoughts on the matter.