Many companies over-collected data during the past decade and moved it unsystematically around their networks. Now, the CPRA and GDPR require companies to minimize data collection, and regulators are asking organizations to demonstrate that they properly collected their stored data, heightening the need for data audits. At the recent Privacy & Security Forum’s Fall Academy, Eric Friedberg and Heidi Wachs of Aon’s Cyber Solutions, joined by Lisa Sotto of Hunton Andrews Kurth, discussed methodologies for auditing data holdings and “unscrambling the digital eggs,” and provided tips for investigating and certifying that stored and transferred data complies with privacy regulations. See “Navigating the Risks of Alternative Data Collection and Use
” (Mar. 26, 2019).