© 2011 ITPMG, LLC. All rights reserved.
IT Rapid Review Assessment Services:
Data Privacy Compliance
Optional
In addition to the deliverables listed above, we can assist clients with a more detailed,
comprehensive Data Privacy Compliance policies and process assessment, detailed
recommendations for improvement, a technology plan and test exercise, incident management
planning, and help implementing the approved recommended initiatives.
Target Audience:
CIO, COO, CEO, Board of Directors
Management responsible for ensuring that all private data is secure, responsible for data privacy
technology deployments, process management and education.
In today's economic environment, expectations are high that an organization uses data in ways that
maximize benefits to their clients, customers and constituents. This data can include order details,
purchasing history, demographics, financial accounts, health information and literally thousands of
data points, many of which are considered sensitive. This state of technology has not gone
undetected by ambitious criminals who lie in wait for the slightest vulnerability that they can
exploit for their personal gain. Many states have passed legislation designed to prevent this
exploitation of an individual's private data. Following the path forged by the Health Insurance
Portability and Availability Act ("HIPAA"), private data has expanded to include information that
points to any specific financial or demographic item that is not explicitly publicized or granted access
permission by the individual.
Regulations define very specifically what you must do to reduce the chance that privacy of these
data elements will be compromised. Recently passed laws expect organizations with either a business
presence in their states, or those that have customers, employees, contractors, or business
partners who reside in their respective states, to adhere to these regulations. That means that you may
not need to have a presence in the state to be subject to its laws.
The specific items expected of these organizations often include:
Our consultants have developed expertise in creating Data Privacy Compliance policies and process
solutions. The team also has experience in performing data privacy compliance policy and process
assessments, designing enterprise IT data privacy compliance policies and processes, data privacy
compliance IT support systems, resource certification, organization training and coaching.
We team with our client to define the improved data privacy compliance process based on their
unique goals and business requirements, and educate their team in the process. We believe that our
clients must be able to understand and take ownership of the recommendations, and must also be
capable of making the continual adjustments to the data privacy compliance management process
as changing business needs demand.
Deliverables
Standard
Our service offering delivers the following results:
• An assessment and evaluation of the current data privacy policies in place and processes in use
• An evaluation of the current data privacy protection IT support tools
• A gap analysis comparing the data privacy policies, processes and IT support tools to
  compliance expectations
Our consultants will deliver a summary report that includes the above deliverables and present the
findings to our client's management.
Work effort may be on-site or off-site and is conducted as follows:
• ITPMG will work with designated Client staff to gather the information for review
• Work effort is limited to 2 days for data gathering and assessment and one day for
  an interactive presentation of findings and recommendations
• ITPMG assumes client has readily available access to skills, content, subject matter experts
• ITPMG will present findings and recommendations within 7 business days after receipt of all
  information/data from the client and present to senior management
ITPMG Services
• A knowledgeable person must be appointed to manage the protection of data privacy
• A written information security or data privacy policy must exist and provide specific policies,
  procedures and standards for protecting protected data
• Training must be provided for all employees and business partners regarding the policy
• A process must be detailed for reporting and correcting violations
Description:
The IT Rapid Review Assessment Data Privacy Compliance provides a fast and efficient assessment
and evaluation of the current data privacy compliance process and IT support tools that cover the
following:
Our offering can help you assess the status of your current policies, processes and IT standards in
supporting these regulations and help you do what is necessary to meet compliance expectations.
Our experienced consultants have developed an effective, comprehensive approach to Data Privacy
Compliance that will help companies craft a program that can be judged favorably using the backdrop
of proven practices based on specific risk of the organization, the industry standard and organization
size.
• An assessment and evaluation of the current data privacy policies in place and processes in
  use measurements, related processes and alignment assumptions
• An evaluation of the current data privacy protection IT support tools
• A gap analysis comparing the data privacy policies, processes and IT support tools to
  compliance expectations
Rapid Review Assessment Solution Suite Service Offerings:
Rapid Review - Data Privacy Compliance