We have health checkups to determine our physical condition, so why not do the same for the privacy program?
A privacy health check is an economical way to obtain a baseline on the state of your privacy program. We utilize standard checklists to evaluate various aspects of your program. We work with our clients to determine the scope for this checkup. This process provides practical recommendations that can be implemented by your organization to help mitigate risks.
Privacy Impact Assessment
Privacy impact assessments (PIAs) are intended to be a tool that you can use to identify and reduce the privacy risks of your projects and ultimately your organization. A PIA can reduce the risks of harm to individuals (e.g. customers, patients, employees, etc.) through the misuse of their personal information.
We utilize questionnaires based on industry frameworks to provide a comprehensive analysis of the state of the privacy program. We work with our clients to establish goals and objectives that are aligned with business expectations. The scope of the assessment and deliverables are determined by collaborating with clients and key stakeholders. The following are some of the components that can be included in the PIA:
- Policy review
- Gap Analysis
- Collection & Use of PII
- Openness & Transparency
- Incident Response
Privacy Program Development
For those clients that have limited privacy resources, we can assist with all aspects of program development. We will tailor this to fit the specific needs of your organization, industry, and requirements.
Training is integral to reinforcing policies, standards, work instructions and regulatory requirements. We conduct workshops and training, which can be held virtually or on-site.
The following are some of the topics that we cover:
- How to develop a privacy program
- How to conduct a privacy audit
- Privacy 101
- HIPAA/HITECH Compliance
- PCI Compliance
- BYOD Considerations
- Tips for buying breach management and cyber insurance
We can also customize training/workshops for your organization. Contact us for details and a quote.
Does your program comply with your company policy? Regulatory requirements? Internal requirements?