SAI360 Announces Acquisition of Plural Policy

Data Privacy & Protection News

3 Questions About CPS 230, the New Operational Resilience Standard

CPS 230, recently released by the Australian Prudential Regulation Authority (APRA), has gained prominence alongside similar standards aimed at promoting operational resilience. Operational resilience refers to an organization's capacity to withstand and adapt to operational disruptions (whether anticipated or unexpected) while ensuring continuity of critical functions. It has emerged as a vital framework for effectively managing risks and safeguarding business continuity despite adversity. Regulators view ...

GRC Investment Guide: Navigating the path to Governance, Risk and Compliance

In today's ever-changing business landscape, organizations face an increasing number of risk and compliance challenges. Investing in the right integrated GRC technology is critical. In this GRC Investment Guide, we discuss how this approach is no longer just a luxury, but has become a necessity for organizations that have thrived in a rapidly evolving environment. The right technology allows firms to effectively manage their Governance, ...

Securing Our Ecosystem and Third-party Risk Management

SAI360’s supplier risk management and assessment requirements comply with ISO 27001 and are published in our Information Security Management System (ISMS). This includes policies relating to pre-contract supplier due diligence and ongoing monitoring of existing supplier relationships. SAI360 has instituted a risk-based approach to performing due diligence on prospective suppliers. The assessments include evaluation of the third party’s controls relevant to the security and data ...

July 11th, 2023 | Data Privacy & Protection

Technical and Organizational Measures (TOMS)

SAI360's Information Security program includes, but is not limited to, the following: Roles and Responsibilities: Established roles and responsibilities for information security, data protection, and compliance across the organization, including assignment of Chief Information Security and Data Protection Officers, and an Information Security Management Committee (ISMC) that consists of executive and senior leadership members who provide privacy, security, and compliance oversight. Risk Management: A risk ...

July 11th, 2023 | Data Privacy & Protection

Identifying and Addressing Security Threats

Identifying security threats and risks to the SAI360 infrastructure, applications, information assets, and overall environment is a continuous lifecycle, and everyone at SAI360 has a responsibility to protect these in order to maintain a secure environment. The following section outlines how SAI360 identifies security threats, the mechanisms to protect against them, and the overall incident response process. Security Testing: Security testing is a multi-faceted approach in ...

July 11th, 2023 | Data Privacy & Protection

Compliance with Laws, Regulations and Standards

SAI360 complies with all applicable laws of the countries where it operates. The key legislation applicable to SAI360, in addition to other obligations and applicable national/state laws, is as follows: 201 CMR 17.00 (Massachusetts); Australian Privacy Act 1988 (C’th); California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA); Colorado Privacy Act (CPA); Data Protection Act 2018 (UK) and UK General ...

July 11th, 2023 | Data Privacy & Protection

Securing Our Products and Services

Product and Software Development Lifecycle: Product-related software development is performed by dedicated SAI360 engineering personnel, which consists of system architects, application engineers and database developers. The engineering department is divided by area of expertise required by product and life cycle. Following the finalization of functional specifications, general software architecture is determined by the product software architect and a hosting services architect. In some cases, ...

July 11th, 2023 | Data Privacy & Protection

Security and Data Protection Approach

SAI360’s Information Security and Data Protection program is built on a foundation of standards and leading practices and takes a risk-based, layered and data-centric approach to protecting information assets. This includes but is not limited to ISO 27000 series, NIST Cyber Security Framework, SOC Trust Service Criteria, HIPAA, HITRUST and GDPR. SAI360’s security and data protection approaches are described below, including core principles, ...

July 11th, 2023 | Data Privacy & Protection, Uncategorized

Privacy Concerns Arise as AI Chatbots Enter Healthcare

Artificial Intelligence (AI) chatbots have long been used in healthcare for basic use cases such as answering questions at an insurer’s website. However, with the rising visibility of ChatGPT, expansion into new healthcare AI use cases has dramatically increased. The global healthcare chatbots market is expected to top $543 million by 2027, at a 19.5 percent Compound Annual Growth Rate (CAGR). The potential for AI in ...

June 9th, 2023 | Data Privacy & Protection, Healthcare GRC

Watch IT Risk: From Vulnerability to Resilience Webinar (Video)

In this webinar hosted by Thought Leader Global, in partnership with SAI360, our corporate panel discusses: The evolving threat landscape and current developments; Securing stakeholder trust by pre-empting disruptions; What does responsive IT security look like? Corporate panelists: Marco Bachmann, Audit Director - IT Center of Excellence, Zurich; Pierlaurent Barbieri, CFO, Agricoolturs; Jeff Schiemann, Chief Information Security Officer, SEBA Bank AG; Frederic Virmont, Information Protection ...