Legally Defensible Privacy Compliance Solutions

In addition to serious financial penalties associated with today’s data breaches, organizations can be forced to pay enormous legal costs, face regulatory fines and crippling oversight such as long FTC consent orders. That’s why companies need to systematically and consistently identify privacy and data protection risks, apply the right standards and solutions and defend their decisions to regulatory authorities and judges.

Our solutions:

  • Mitigate legal, regulatory, fiscal and reputational risks caused by a breach
  • Protect customers and company executives from reputational risks associated with weaknesses in data protection
  • Support business development, investment opportunities and mergers and acquisitions
  • Secure and protect company trade secrets, intellectual property and technology infrastructure from internal and external threats

Privacy Gap Assessments:

  • Policies and procedures review
  • Data mapping and inventories
  • Assurance and Risk Assessments
  • Findings and recommendations reports
  • Controls evaluation to best practices and standards

Privacy Program Development:

  • Establish program roadmap and governance
  • Design roles and responsibilities
  • Develop technology infrastructure and support
  • Develop and deliver training
  • Program monitoring
  • Privacy by design support
  • Support for hiring and team building

Third Party and Vendor Due Diligence:

  • Contract due diligence and data collection requirements
  • Cloud computing services policy guidance
  • Build vs Buy advisory services

Additional Services:

  • Comprehensive controls evaluation
  • Cross border data transfer guidance
  • Audit preparation and remediation

Laws and Regulations We Cover:

  • California Consumer Privacy Act of 2018, Amendments and Rulemaking
  • HIPAA/HITECH Security, Privacy and Breach Notification Rules
  • Generally Accepted Privacy Principles (GAPP)
  • EU’s General Data Protection Regulation (GDPR)
  • ISO/IEC 27001-2:2013
  • CIS Top 20 Critical Security Controls (CA AG requires)
  • SEC OCIE Cybersecurity Initiative
  • NIST Cybersecurity Framework
  • U.S. Sentencing/DOJ/OIG Guidelines for Effective Compliance (program foundation)
  • Applying Risk Management Program Management and Principles

What you need to know and do to ensure compliance with California’s new Consumer Privacy Act

New regulations governing use of customer and personal data needn’t be burdensome. Rather, they help reduce expenses and monetize the information lifecycle, identify opportunities for better governance to avoid fines and litigation exposure, and foster trust to enhance customer experiences. Download a free detailed CCPA roadmap to see how you can get your company on the path to compliance.