Aspen Dental’s $18.7 Million Pixel Tracking Settlement
August 6, 2025
When a client asks us what the risk is of running tracking technology on their website and not giving users the ability to opt out
Category: Governance Risk And Compliance
Governance, Risk, and Compliance (GRC) is a holistic framework that integrates three critical elements for organizational success.
• Governance establishes the foundation for effective decision-making and ensures that organizational activities align with its strategic objectives. It encompasses a robust system of internal controls, clear lines of authority and accountability, and ethical guidelines that guide employee behavior.
• Risk Management involves identifying, assessing, and mitigating potential threats to the organization. This includes a comprehensive evaluation of various risks, such as financial, operational, reputational, legal, and technological risks. By proactively identifying and addressing these risks, organizations can minimize potential losses, protect their assets, and ensure business continuity.
• Compliance ensures adherence to all applicable laws, regulations, and industry standards. This includes complying with data privacy regulations (e.g., GDPR, CCPA), financial reporting standards, environmental regulations, and industry-specific guidelines.
Captain Compliance provides valuable resources and expertise to help organizations understand GRC. Read the free educational material below about GRC from the compliance superheroes at Captain Compliance.
Allianz Life Data Breach Exposes Majority of U.S. Customers
August 1, 2025
On July 26, 2025, Allianz Life Insurance Company of North America disclosed a massive data breach impacting the personal data of more than half of
The Tea App Breach: A Catastrophic Privacy Failure in the Quest for Women’s Safety Online
July 26, 2025
In a cruel twist of irony, the Tea app—billed as a “safe space” for women to share anonymous reviews and warnings about men in the
Building a Stronger Privacy Foundation with a Privacy Maturity Model
July 23, 2025
Privacy laws keep changing from one country to the next, companies can’t afford to treat data privacy like some routine paperwork and a privacy officer
DIFC Bolsters Data Privacy and Legal Framework with Enactment of Amendment Law No. 1 of 2025
July 18, 2025
In a significant move to reinforce its position as a premier global financial hub, the Dubai International Financial Centre (DIFC) has announced the enactment of
Deer Oaks Pays $225K for HIPAA Failures Tied to Patient Data Exposure and Ransomware Attack
July 14, 2025
Deer Oaks – The Behavioral Health Solution, a provider of psychiatric and psychological services for long-term care facilities, has agreed to pay $225,000 and implement
Privacy Perfect Approach Avoids Data Privacy Fines and Litigation
July 10, 2025
Failing to prioritize data privacy can lead to severe consequences, including hefty fines and costly litigation. Striving for a privacy perfect approach where you don’t
DOJ Data Security Program Enforcement Compliance Software
July 9, 2025
The U.S. Department of Justice’s (DOJ) Data Security Program (DSP; 28 C.F.R. Part 202) is now fully enforced, marking a significant shift in how U.S.
Flock’s License Plate Scandal Exposed: States Fight Back Against Surveillance Overreach
July 3, 2025
The world of surveillance technology took a dramatic turn this week as Flock Safety, a leading provider of automatic license plate reader (ALPR) systems, announced
Vietnam’s New Personal Data Law
July 2, 2025
Vietnam’s National Assembly passed a sweeping Personal Data Protection Law (There are numerous countries with a PDPA law that we help ensure compliance for) that introduces
