Close

Regulations

Why You Need to Pay Attention

By Bob Johnson Over the past decades, NAID members have come to know me for trumpeting the latest data protection regulations and for expounding on their various threats and opportunities. As a result, I understand some might simply think, “Here he goes again. It’s the end of the world as we know it.” I hope […]

Read more »

Contracts are a Pain

With the availability of the new i-SIGMA Contract Template, it’s time for a conversation. Contracts are a pain. Why make a big deal out of something about which most customers are clueless.  Try telling someone looking for next-day service about your 6-page regulatory contract. You might as well give them your competitor’s phone number. So, with that in […]

Read more »

The market favors stronger qualifications: Success in RIM space comes from more scrutiny, not less

By Bob Johnson, NAID CEO In the span of 30 minutes of watching TV, there was commercial promoting Angie’s List as a source of qualified service providers from dentists to plumbers, another promoting the Trust Certified service providers for a wide range of consumer services, and finally one from the Better Business Bureau promoting the […]

Read more »

It’s illegal to hire data destruction services on price alone

By Bob Johnson, NAID CEO Let’s just say ABC Corporation hires a data destruction service because they are the lowest price. It does not take a lot to imagine that scenario, right? It happens all the time – maybe most of the time. It also would not surprise anyone that the lowest bidder might also […]

Read more »

Mission critical: Examination of new data protection laws

By Dr. Ross Federgreen, CSR CEO, CIPM, CIPP, European Privacy Association More than half of U.S. states today have enacted data protection laws and regulations, growing from just 15 states a year ago. Federal and international authorities also impose obligations on organizations to provide security for the legally protected personal information or personally identifiable information […]

Read more »

Why the case against Target may go to the Supreme Court

By Bob Johnson, NAID CEO Within weeks of the massive Target data breach last December, privacy and legal pundits began speculating about class action lawsuits that would result. So far, most of those predictions have come to pass. Lawmakers made a lot of noise but nothing meaningful developed – at least so far. Hundreds of […]

Read more »

Reconciling the conventional approach to ITAD reconciliation

By Bob Johnson, NAID CEO In the upcoming edition of ITAK, the professional journal of the International Association of IT Asset Managers (IAITAM), I wrote an article with Kyle Marks (Retire-IT) about a series of recent events that have demonstrated the hazards of traditional IT asset disposal (ITAD) reconciliations, which have exposed great opportunities for […]

Read more »

HIPAA compliance for NAID destruction services

By Bob Johnson, NAID CEO In my last blog, I wrote about the strong-arm tactics being used by some HIPAA compliance consultants to coerce destruction providers into using their services. In this follow up, I offer my perspective on what compliance with the new HIPAA actually looks like. I say “my perspective” because no one […]

Read more »

Unintended consequences: Consultants using HIPAA to strong-arm business associates

By Bob Johnson, NAID CEO When the U.S. Federal Trade Commission (FTC) contacted NAID to help write the FACTA Final Disposal Rule, their main concern was what they called “unintended consequences.” It seems every new law has side effects. The FTC’s goal was to anticipate the bad side effects and minimize them when creating new […]

Read more »

Compliance and data security are not the same things

By Bob Johnson, NAID CEO On Tuesday, I described how privacy and data security, though often thought of interchangeably, are two distinct and separate concepts. Today, I will show how data security and regulatory compliance, concepts often thought of as synonymous, are actually significantly different as well. For instance, if an organization destroyed their discarded […]

Read more »