The legal landscape for privacy is constantly changing.
Privacy professionals need to monitor emerging laws, interpretations by regulators, and acceptable practices to apply to their organization’s activities. Then they need to determine if their privacy practices fully comply or they need to identify and explain any gaps in compliance to their stakeholders. Privacy Ref makes this easy.
Privacy Ref Requirements Frameworks™ have taken privacy laws and identified the requirements for both data controllers and processors. Each requirement is explained using language that your organizational members who are not privacy professionals can understand.
The reference for each requirement is provided as well as a scorecard so that you can easily identify the status of your organization’s compliance.
As a service, Privacy Ref will work with your team to determine the compliance status of each of the items in the Frameworks. There is also an option to keep this information up to date as requirements, their interpretations, and your business activities change.
With the framework provided as a subscription, Privacy Ref will update the framework as new US statutes are signed into law. Only new requirements need to be evaluated; previously identified requirements do not need to be re-evaluated.
Privacy Ref Requirements Frameworks may be customized to combine the requirements for your unique set of applicable laws. For example, the requirements of GDPR, LGPD, and PIPL can be combined into a single evaluation framework.
We do all the analysis work for you and update the frameworks as new interpretations and opinions from regulators are announced.