Why You Need to Pay Attention
By Bob Johnson Over the past decades, NAID members have come to know me for trumpeting the latest data protection regulations and for expounding on their various threats and opportunities. As a result, I understand some might simply think, “Here he goes again. It’s the end of the world as we know it.” I hope […]
September 11, 2019 - by: robertjohnson
Read more »Contracts are a Pain
With the availability of the new i-SIGMA Contract Template, it’s time for a conversation. Contracts are a pain. Why make a big deal out of something about which most customers are clueless. Try telling someone looking for next-day service about your 6-page regulatory contract. You might as well give them your competitor’s phone number. So, with that in […]
August 1, 2019 - by: maggiegeolat
Read more »The market favors stronger qualifications: Success in RIM space comes from more scrutiny, not less
By Bob Johnson, NAID CEO In the span of 30 minutes of watching TV, there was commercial promoting Angie’s List as a source of qualified service providers from dentists to plumbers, another promoting the Trust Certified service providers for a wide range of consumer services, and finally one from the Better Business Bureau promoting the […]
June 5, 2015 - by: naidadminconf
Read more »It’s illegal to hire data destruction services on price alone
By Bob Johnson, NAID CEO Let’s just say ABC Corporation hires a data destruction service because they are the lowest price. It does not take a lot to imagine that scenario, right? It happens all the time – maybe most of the time. It also would not surprise anyone that the lowest bidder might also […]
January 22, 2015 - by: naidadminconf
Read more »Mission critical: Examination of new data protection laws
By Dr. Ross Federgreen, CSR CEO, CIPM, CIPP, European Privacy Association More than half of U.S. states today have enacted data protection laws and regulations, growing from just 15 states a year ago. Federal and international authorities also impose obligations on organizations to provide security for the legally protected personal information or personally identifiable information […]
January 15, 2015 - by: naidadminconf
Read more »Why the case against Target may go to the Supreme Court
By Bob Johnson, NAID CEO Within weeks of the massive Target data breach last December, privacy and legal pundits began speculating about class action lawsuits that would result. So far, most of those predictions have come to pass. Lawmakers made a lot of noise but nothing meaningful developed – at least so far. Hundreds of […]
May 29, 2014 - by: naidadminconf
Read more »Reconciling the conventional approach to ITAD reconciliation
By Bob Johnson, NAID CEO In the upcoming edition of ITAK, the professional journal of the International Association of IT Asset Managers (IAITAM), I wrote an article with Kyle Marks (Retire-IT) about a series of recent events that have demonstrated the hazards of traditional IT asset disposal (ITAD) reconciliations, which have exposed great opportunities for […]
May 22, 2014 - by: naidadminconf
Read more »HIPAA compliance for NAID destruction services
By Bob Johnson, NAID CEO In my last blog, I wrote about the strong-arm tactics being used by some HIPAA compliance consultants to coerce destruction providers into using their services. In this follow up, I offer my perspective on what compliance with the new HIPAA actually looks like. I say “my perspective” because no one […]
October 17, 2013 - by: naidadminconf
Read more »Unintended consequences: Consultants using HIPAA to strong-arm business associates
By Bob Johnson, NAID CEO When the U.S. Federal Trade Commission (FTC) contacted NAID to help write the FACTA Final Disposal Rule, their main concern was what they called “unintended consequences.” It seems every new law has side effects. The FTC’s goal was to anticipate the bad side effects and minimize them when creating new […]
October 8, 2013 - by: naidadminconf
Read more »Compliance and data security are not the same things
By Bob Johnson, NAID CEO On Tuesday, I described how privacy and data security, though often thought of interchangeably, are two distinct and separate concepts. Today, I will show how data security and regulatory compliance, concepts often thought of as synonymous, are actually significantly different as well. For instance, if an organization destroyed their discarded […]
June 13, 2013 - by: naidadminconf
Read more »