Data Privacy
Data privacy risks are becoming more prominent in the business fabric of small to large organizations today. Consumer data protection has become a major topic of discussion across all industries, and regulators around the world have come up with stringent data protection laws to ensure personal data is not being misused.
Companies handling personal information of their customers and employees need to comply with various data privacy related laws and need to come up with.
We have developed an integrated data privacy framework that addresses data privacy regulations and laws and makes organisations compliant. This framework can also be assessed against the ISO 22701 standard.
Our solutions include:
- End to end privacy framework development and certification.
- User awareness programs and eLearning program on data privacy.
- Gap Assessments.
- Data privacy framework development.
- Privacy Impact assessments.
- Privacy registers.
- Inter company data transfer agreements.
- Privacy by design.
- Data privacy in applications.
- Compliance with GDPR, CCPA and other data privacy laws.
- Record management.
- Managed Data Privacy Office Function.
Our team can help your organisation become compliant with the applicable data privacy regulations and laws:
- GDPR: Global Data Protection Regulation.
  - GDPR is a regulation that requires businesses to protect the personal data and privacy of EU citizens for transactions that occur within EU member states.
  - Organizations that operate within the EU or that process EU citizens’ data, irrespective of their location, must make sure they adapt to the new Regulation and become compliant.
- CCPA: California Consumer Privacy Act.
  - The California Consumer Privacy Act of 2018 (CCPA) is the toughest data privacy law in the United States to date. The CCPA applies to every company in the world if:
    - They collect personal data of California residents.
    - They (or their parent company or a subsidiary) exceed at least one of the three thresholds:
      - Annual gross revenues of at least $25 million.
      - Obtains personal information of at least 50,000 California residents, households, and/or devices per year.
      - At least 50% of their annual revenue is generated from selling California residents’ personal information.
ISO/IEC 27701:2019 is a privacy extension to the international information security management standard. ISO 27701 specifies the requirements for, and provides guidance on, establishing, implementing, maintaining and continually improving a PIMS (privacy information management system).
It is an integrated privacy framework that helps an organisation assess its privacy information management systems against international standards.
We also offer managed data privacy office solutions, in which we help you handle the ongoing operational overheads of the applicable data privacy frameworks, laws and regulations by acting as your extended data privacy office on an on-call basis.