Do You Know Where You Stand With Privacy Compliance?
Privacy compliance can be bewildering experience for any government or business. The laws and jurisdictions involved are numerous; the rules, confusing; the regulatory consequences, costly. Information is such an integral part of your operations - how do you begin to assess what and how much you need to change your practices, policies, and resources?
Privacy Is Risky Business
Privacy Gap Assessments measure the state of privacy practice in the organization against legislative and industry standards. The assessment process involves a review of your organization's personal information handling practices, including how information is collected and for what purpose; obtaining consent; disclosures to third parties; retaining and disposing of personal information; and protecting it from unauthorized access, use, disclosure, theft, and loss. Through a compliance assessment we help you identify privacy issues, assess and mitigate risk, and the best available resources to ensure compliance.
The Gap Assessment identifies:
Completing Privacy Impact Assessments Without Tears
A Privacy Impact Assessment (PIA) is a systematic process to determine whether new or existing information systems, administrative programs or services, or policies and practices meet basic privacy requirements. Many health care and government organization are required to complete PIAs. Doing so early in the process prevents significant costs from having to retrofit systems or redesign practices for privacy compliance. When included as part of the planning or early developmental stages of a new initiative or system, a PIA can be an extremely effective and proactive tool to:
Privacy Impact Assessments are a regulatory requirement for many health providers and public bodies implemented new personal information systems or practices.
You Can't Be Privacy Compliant Without Good Security
With the proliferation of electronic systems in business today, information assets can do more for organizations than ever before, but are also increasingly at risk from new threats. Providing adequate security for sensitive information requires a fully integrated approach to risk management in protecting this corporate asset. It is imperative that an organization has a comprehensive information system security program in place to protect information assets from:
Cenera relies heavily on the international standard IT Code of Practice for Information Security Management (ISO 27002) to identify and assess existing threats and risks to your systems, policies, and practices and to recommend mitigations and proactive solutions.
For more information, please contact one of our Privacy and Information Management experts at 403.290.0466 or by email.
Cenera, 1100, 1015 - 4 Street SW
Calgary, Alberta T2R 1J4, Canada
|> More Information|