Danielle Barbour, Author at Kiteworks

PDPL Compliance for Saudi Healthcare Organisations: Securing Patient Data Under National Privacy Law

by Danielle Barbour March 25, 2026March 25, 2026 | Regulatory Compliance

Saudi healthcare organisations operate under one of the region’s most demanding data protection frameworks. The Personal Data Protection Law establishes comprehensive obligations for entities that collect, process, store, or transmit...

GDPR Article 32 Security Requirements for Financial Services Organisations

by Danielle Barbour March 25, 2026March 25, 2026 | GDPR Compliance

Financial services organisations handle some of the most sensitive data in the global economy. Payment card details, account credentials, transaction histories, investment portfolios, and personally identifiable information flow through banking...

Why DORA Changes Everything for EU Banks in 2026

by Danielle Barbour March 25, 2026March 25, 2026 | Regulatory Compliance

The Digital Operational Resilience Act represents the most comprehensive overhaul of operational risk management for financial institutions operating in the European Union. Unlike previous regulatory frameworks that treated cybersecurity as...

Why Encryption Key Control Matters for UK Financial Institutions

by Danielle Barbour March 25, 2026March 25, 2026 | Regulatory Compliance

UK financial institutions operate under some of the most demanding regulatory and security frameworks in the world. The FCA, PRA, and ICO require robust data protection controls, and institutions must...

Top 5 Compliance Risks in Financial Services RAG Implementations

by Danielle Barbour March 25, 2026March 25, 2026 | Regulatory Compliance

Financial services organisations deploying retrieval-augmented generation systems face a distinct set of regulatory and security challenges. Unlike general enterprise AI deployments, RAG implementations in banking, insurance, and capital markets process...

DORA Incident Reporting: Compliance Strategies for Financial Institutions

by Danielle Barbour March 25, 2026March 25, 2026 | Regulatory Compliance

The Digital Operational Resilience Act establishes comprehensive requirements for financial institutions to identify, classify, report, and analyse ICT-related incidents. Unlike traditional cybersecurity frameworks that treat incident reporting as reactive compliance,...

Data Sovereignty Challenges for UK Investment Firms: 5 Solutions

by Danielle Barbour March 25, 2026March 25, 2026 | Regulatory Compliance

Investment firms operating across the UK face mounting pressure to maintain control over sensitive client data whilst navigating complex regulatory obligations. Data sovereignty, the principle that data remains subject to...

The Executive’s Guide to Compliance‑Ready AI Data Management Solutions

by Danielle Barbour March 20, 2026March 20, 2026 | Regulatory Compliance

Modern enterprises are accelerating AI development, but many struggle to ensure that data use stays compliant, secure, and fully auditable. For executives, this challenge isn’t just operational—it’s strategic. Regulators expect...

A CISO Walks Into a Board Meeting With Only Half an Answer

by Danielle Barbour March 17, 2026March 17, 2026 | Regulatory Compliance

Consider a scenario that will play out in hundreds of enterprises over the coming months. A CISO walks into a board meeting and says, “Our OpenClaw strategy is NemoClaw. NVIDIA’s...

Only 48 Cloud Services Hold FedRAMP High authorization — and Agencies Are Feeling the Squeeze

by Danielle Barbour March 17, 2026March 17, 2026 | Regulatory Compliance

The scarcity of FedRAMP High authorized cloud services is not an abstract compliance concern. It is a procurement bottleneck that forces federal agencies to make security tradeoffs with their most...

HIPAA, GDPR, and SOX Don’t Have an AI Exemption: What Compliance Officers Need to Know

by Danielle Barbour March 16, 2026March 16, 2026 | Regulatory Compliance

When AI assistants arrived in enterprise environments, something unusual happened in compliance programs: they were classified as tools, not as data access systems. The logic was intuitive — the AI...

Why DORA Changes Everything for EU Financial Institutions This Year

by Danielle Barbour March 13, 2026March 13, 2026 | Regulatory Compliance

The Digital Operational Resilience Act fundamentally reshapes how financial institutions across the European Union manage third-party risk, protect critical data flows, and demonstrate regulatory compliance. Unlike previous directives focused on...

How UK Banks Meet DORA Operational Resilience Requirements in 2026

by Danielle Barbour March 13, 2026March 13, 2026 | Regulatory Compliance

UK banks operating within the EU regulatory perimeter or serving EU customers face an environment where digital operational resilience has evolved from a technical concern into a regulatory obligation with...

What Belgian Financial Institutions Need to Know About NIS 2 Requirements

by Danielle Barbour March 13, 2026March 13, 2026 | Regulatory Compliance

Belgium’s financial sector operates under intensified cybersecurity obligations shaped by the NIS 2 Directive, which expands the scope of regulated entities, increases penalties for noncompliance, and enforces stricter accountability for...

Why Third-Party Risk Management Is Critical for Financial Services Compliance

by Danielle Barbour March 13, 2026March 13, 2026 | Third Party Risk

Financial institutions operate within an interconnected ecosystem where third-party vendors handle sensitive customer data, process transactions, and support critical operations. Every external relationship introduces compliance exposure, operational risk, and potential...

Security and Compliance Blog

Learn security strategies, compare vendors, and implement best practices to prevent breaches and compliance violations from risky third party communications.

Posts by Danielle Barbour

PDPL Compliance for Saudi Healthcare Organisations: Securing Patient Data Under National Privacy Law

Why DORA Changes Everything for EU Banks in 2026

Why Encryption Key Control Matters for UK Financial Institutions

DORA Incident Reporting: Compliance Strategies for Financial Institutions

Data Sovereignty Challenges for UK Investment Firms: 5 Solutions

A CISO Walks Into a Board Meeting With Only Half an Answer

Only 48 Cloud Services Hold FedRAMP High authorization — and Agencies Are Feeling the Squeeze

HIPAA, GDPR, and SOX Don’t Have an AI Exemption: What Compliance Officers Need to Know

Why DORA Changes Everything for EU Financial Institutions This Year

How UK Banks Meet DORA Operational Resilience Requirements in 2026

What Belgian Financial Institutions Need to Know About NIS 2 Requirements

Why Third-Party Risk Management Is Critical for Financial Services Compliance

Get started.