The legal landscape for privacy is constantly changing. As privacy professionals we need to monitor emerging laws, interpretations by regulators, and acceptable practices for implementation. Then we need to determine if our privacy practices comply with these requirements and explain any gaps in compliance to our stakeholders. Privacy Ref makes this easy.
Privacy Ref Requirements Frameworks™ have taken global privacy laws and identified the requirements for both data controllers and processors. Each requirement is explained using language that your organizational members who are not privacy professionals can understand.
The reference for each requirement is provided as well as a scorecard so that you can easily identify the status of your organization’s compliance.
For example, in the United States, the number of emerging state laws is rapidly expanding. Privacy Ref has combined the requirements from each of these laws, allowing you to evaluate your organization’s compliance one time with the analysis including all the emerging laws.
Frameworks as a subscription
With the framework provided as a subscription, Privacy Ref will update the framework as new statutes are signed into law. Only new requirements need to be evaluated; previously identified requirements do not need to be re-evaluated.
Privacy Ref Requirements Frameworks™ may be customized to combine the requirements for your unique set of applicable laws. For example, the requirements of GDPR, LGPD, and PIPL can be combined into a single evaluation framework.
We do all of the statute analysis work for you and update the frameworks as new interpretations and opinions from regulators are announced.
You can either implement these frameworks using a subscription to our DYI offering or Privacy Ref can implement them using our Assessment Toolkit Application offering.