GDPR: Approaches for Protecting Personally Identifiable Information (PII) and Sensitive Personal Information (SPI)

Many companies are currently in different stages of projects to comply with the European Union’s General Data Protection Regulation (GDPR) ahead of the May 2018 enforcement deadline. Many vendors and service providers speak generally about GDPR and often, in my view, over simplify solutions to issues that are raised. Rather than try to address the whole of the regulation, I want to speak specifically about a practical issue that most…

From the Office of the CTO: Rethinking the SSN in light of Equifax

It has been almost two weeks since Equifax announced that a cyber-attack potentially affected 143 million Americans in an unprecedented and massive data breach. According to the US Census Bureau, there were 125.9 million adult men and women in the United States as of 2014. With a population growth rate of approximately 2.9 million per year, it is a safe bet that if you have received credit for anything in…