Kathryn Young is a Privacy Technical Lead with Schellman based in Providence, Rhode Island. She currently performs privacy assessments and certifications related to ISO 27701, GDPR, SOC 2, and Microsoft DPR, among others. Prior to joining Schellman, Kathryn worked in a variety of privacy compliance and cybersecurity-focused roles in the information technology and healthcare sectors. She has her master's degree in cybersecurity and international cyber law from Norwich University, and is an active member of the International Association of Privacy Professionals (IAPP), and has obtained her CIPM, CCSK, and CISSP certifications.
By:
Kathryn Young
May 19th, 2025
In a world where data privacy laws and regulations are rapidly changing, the new ISO 27701:2024 standard has finally arrived and is bringing fresh challenges – and opportunities – for businesses trying to navigate privacy compliance. ISO 27701 is one of several internationally recognized standards in the ISO 27000 family that contain requirements and guidance for information security and privacy management.
By:
Kathryn Young
April 5th, 2024
Amidst the evolving patchwork of data protection and privacy legislation in the United States, privacy remains a top priority for organizations. But protecting privacy also requires resources, and while not all organizations have that much to spare, it is possible to make do with only a small, dedicated team.
By:
Kathryn Young
September 27th, 2023
Generally, privacy impact assessments (PIAs) are defined as evaluation tools that help to better understand how information is gathered, used, maintained, and shared. It’s a formal analysis used to assess what privacy risks exist within the information processing activities that drive specific products and services.