Danielle Barbour, Author at Kiteworks

Runtime Policy Enforcement for Agentic AI Systems

AWS Rex Open-Sources the Runtime Layer of Agentic AI Security

by Danielle Barbour May 28, 2026May 28, 2026 | Cybersecurity Risk Management

On May 4, 2026, AWS published Introducing Trusted Remote Execution: Policy-Enforced Scripts for AI Agents and Humans, open-sourcing Rex under the Apache 2.0 license. The architecture is straightforward: scripts are...

Federal Preemption Reshapes U.S. Data Privacy

Federal Privacy Preemption Just Got Real: What the SECURE Act Means

by Danielle Barbour May 26, 2026May 27, 2026 | Regulatory Compliance

For seven years, U.S. data privacy has run on two parallel tracks. State legislatures enacted comprehensive privacy laws — California first in 2018, then 20 others — while Congress repeatedly...

GDPR at Ten: The AI Decade Will Test Whether the Rules Can Hold

by Danielle Barbour May 26, 2026May 26, 2026 | GDPR Compliance

5 Key Takeaways The first decade of GDPR was a data-at-rest decade. Inventories, RoPAs, breach notices, DPIAs. The next decade will be a data-in-motion decade — prompts, training corpora, model...

Developing DORA-Compliant Exit Strategies for Banks

DORA Article 28 Requirements: Why UK Banks Need Documented Exit Strategies for ICT Third-Party Services

by Danielle Barbour May 24, 2026May 24, 2026 | Third Party Risk

Financial institutions across the UK face mounting pressure to demonstrate comprehensive control over their ICT third-party relationships. DORA Article 28 establishes specific requirements for documented exit strategies that enable banks...

Article 32 Security Measures for Defence Data

GDPR Article 32 Technical Measures: What UK Defence Contractors Must Implement

by Danielle Barbour May 24, 2026May 24, 2026 | GDPR Compliance

UK defence contractors face unprecedented scrutiny over their data protection practices as regulatory authorities intensify enforcement of GDPR Article 32’s technical and organisational measures. The defence sector’s handling of sensitive...

DORA Resilience Requirements for UK Financial Firms

How UK Financial Services Firms Comply with DORA Requirements in 2026

by Danielle Barbour May 22, 2026May 22, 2026 | Regulatory Compliance

The Digital Operational Resilience Act (DORA) is an EU regulation that establishes comprehensive operational resilience requirements for financial entities operating within EU markets. UK-based firms are subject to DORA where...

BAA Implementation for Healthcare Leaders

How to Implement Business Associate Agreements for Healthcare Data Sharing

by Danielle Barbour May 22, 2026May 22, 2026 | HIPAA Compliance

Healthcare organizations face mounting pressure to secure patient data while enabling essential business partnerships. When covered entities share protected health information with vendors, contractors, or partners, they must establish business...

Why 72% Recovery Triggers Regulatory Obligations

Confidence Is Not Recovery: Why 72% Is Where the Regulatory Clock Starts

by Danielle Barbour May 20, 2026May 20, 2026 | Regulatory Compliance

Key Takeaways Confidence-Reality Gap. 90% of organizations believe they can recover from ransomware, yet only 28% fully restore their data. 72% Recovery Average. The typical organization recovers just 72% of...

How Vendor Oversight Failures Increase GDPR Fines

GDPR Enforcement in 2026: When Vendor Oversight Failures Become the Fine Multiplier

by Danielle Barbour May 20, 2026May 20, 2026 | GDPR Compliance

Key Takeaways Rising GDPR Fines Signal Structural Enforcement. €1.2 billion in fines were issued in 2025 alone, pushing cumulative totals since 2018 to €5.88 billion with breach notifications averaging 443...

Healthcare Cybersecurity Act: Essential Provisions

Senate Advances Healthcare Cybersecurity Act 2026: Key Provisions

by Danielle Barbour May 19, 2026May 19, 2026 | HIPAA Compliance

Key Takeaways Landmark Bipartisan Vote Advances Bill. The Senate HELP Committee voted 22-1 to advance the Health Care Cybersecurity and Resiliency Act, signaling strong legislative momentum for enforceable mandates. Mandatory...

Secure Healthcare Data with Strong Agreements

Implementing Business Associate Agreements for Secure Healthcare Data Sharing

by Danielle Barbour May 12, 2026May 12, 2026 | HIPAA Compliance

Key Takeaways Critical Role of Business Associate Agreements. These agreements are essential risk management tools for healthcare organizations, ensuring enforceable data protection obligations when sharing protected health information with third...

GDPR Compliance Requirements for UK Healthcare Providers in 2026

by Danielle Barbour May 2, 2026May 2, 2026 | GDPR Compliance

Healthcare organisations in the UK manage some of the most sensitive personal data in any sector. Patient records, diagnostic images, treatment plans, and research datasets flow continuously between NHS trusts,...

CJEU 2026: Pseudonymization Loophole Shut Down

CJEU 2026 Ruling: Pseudonymization No Longer Exempts GDPR Compliance

by Danielle Barbour April 30, 2026April 30, 2026 | GDPR Compliance

On March 4, 2026, the French Conseil d’État upheld a €40 million CNIL fine against adtech company Criteo SA (NASDAQ: CRTO) for multiple GDPR violations tied to its behavioral advertising...

Healthcare Data Sovereignty Challenges in the Middle East

Why Healthcare Data Sovereignty Requirements Are Changing in the Middle East

by Danielle Barbour April 26, 2026April 26, 2026 | Regulatory Compliance

Healthcare organizations operating across the Middle East face a fundamental shift in how they must store, process, and transfer patient data. Governments throughout the region are introducing stringent data localisation...

What Healthcare Compliance Officers Need for GDPR Audit Preparation

by Danielle Barbour April 23, 2026April 23, 2026 | GDPR Compliance

Healthcare organizations process highly sensitive personal data under conditions that leave little room for error. Patient records, treatment histories, and genomic information flow through multiple systems, cross jurisdictional boundaries, and...

Security and Compliance Blog

Learn security strategies, compare vendors, and implement best practices to prevent breaches and compliance violations from risky third party communications.

Posts by Danielle Barbour