SecureState’s approach maps out critical information processes and determines if regulatory controls have an impact on the business. The goals are to:
- Efficiently execute your privacy compliance effort
- Examine the regulations and get answers for you quickly
- Ensure remediation is cost-justified
- Keep you up-to-date on Privacy requirements, threats, and liabilities
Based on SecureState’s experience, very few organizations are fully compliant with privacy laws and regulations. Therefore, SecureState has developed a cost-effective approach that will provide the most options and flexibility while becoming compliant with the various laws. Privacy services performed by SecureState can include the following:
- Privacy Assessments
- Privacy Audits
- Breach Notification Procedures
- Privacy Awareness Training
- PCI, GLBA, & HIPAA Privacy Compliance
- Guidance and assistance in developing and implementing an overall privacy program
- Guidance on compliance with the Gramm-Leach-Bliley Act, Fair Credit Reporting Act, FACTA Act (Red Flag Rules) and implementing regulations and regulatory guidance related to the financial industry.
- Compliance efforts regarding European Union data protection Directives and initiatives, Canada’s PIPEDA, and other international privacy regulations.
- Monitoring of state and federal privacy-related legislation and regulations, and guidance on compliance with such laws and regulations (S.B. 1490, BEST PRACTICES ACT of 2010).
- Monitoring of industry best practices and developments, and guidance on complying with or maintaining practices in line with changing industry standards.
- Development of privacy and data security training programs
- Development of due diligence and contractual language with respect to vendors that obtain or have access to personal data