This post highlights how you could use Kong Gateway to implement a solution for the Australian Consumer Data Standards (CDS), which is part of the Consumer Data Right legislation introduced by the Australian Government in November 2017. As detailed on the Australian ACCC website: CDR will give consumers greater access to and control over their data and will improve consumers’ ability to compare and switch between products and services.

The Healthcare Insurance Portability and Accountability Act (HIPAA) has been an important federal law in healthcare since 1996. Part of its purpose was to create standards meant to protect sensitive patient information, and it took on even more important once the digitalization of patient health records became widespread. Now it’s required for certain types of businesses to protect patient health information—or face fines that range from $100 to $50,000 per violation.

Wherever your business operates, you may have to follow the GDPR or face massive fines. It’s an epic legal document but much of it boils down to some key principles. The best approach is to store and manage your data in a way that makes GDPR-compliance straightforward. Here’s what you need to know.

The Health Insurance Portability and Accountability Act of 1996 (HIPAA) is a U.S. federal law. It sets national standards for health care providers to maintain the privacy of patients' protected health information (PHI), including electronically protected health information (ePHI). If you collect, store, or process any kind of patient or medical data, you need to be aware of HIPAA and how it affects your operations. But what does it really mean to be HIPAA compliant?

Almost every aspect of our lives deals with data in some way. By 2025, the world could be producing 463 EB (exabytes, a unit equaling 1 billion gigabytes) of data each day. That’s why it’s more crucial than ever to keep personal data safe yet easily accessible to those allowed to view it.

The General Data Protection Regulation (GDPR) is a landmark piece of legislation that affects how organizations can handle, process, and store the personal data of European Union (EU) citizens and residents. But what does the GDPR require exactly, and how can you be sure that your organization complies with it? We go over everything you need to know in this all-in-one guide to GDPR compliance.

When you’re working with personally identifiable information (PII), you may have to follow data privacy laws that govern how you must handle it. If the PII comes from an educational institution, that law is the Family Educational Rights and Privacy Act, also known as FERPA.

The Fundamental Review of the Trading Book (FRTB), introduced by the Basel Committee on Banking Supervision (BCBS), will transform how banks measure risk. FRTB is designed to address some fundamental weaknesses that did not get addressed in the post-2008 financial crisis regulatory reforms. In order to help make banks more resilient to drastic market changes, it will impose capital requirements that are more closely aligned with the market’s actual risk factors.

Once upon a time (2017), in an office far far away, you may have been cornered in a conversation with someone from Legal about GDPR. It could have gone something like this: “You there, Data Engineer” “Yep, that’s me” “What PII do we have residing in this Apache Kafka database?” You probably mumbled something about Kafka not being a database. “And who can read/ write the data?