Our Rapid Privacy Program Assessment ™ takes a top-down approach to evaluate an organization’s privacy program and practices by comparing them to requirements from existing and forthcoming laws and regulations, industry-recognized privacy frameworks, and organizational priorities. From this review and subsequent analysis, we identify risks and areas for program improvements. The focus is on actual day-to-day activities of individuals and how they handle personal data. This permits us to focus on a rapid, minimally invasive interview and observation process that can take place over a single business week.
Once the Assessment is completed, you will receive an easy-to-understand report that breaks down the requirements in easily digestible tables. For each requirement reviewed, Privacy Ref identifies the source of the requirement, describes it in plain language, and provides a status for your organization measured against the established industry practices. No legal jargon. No equivocation. Just a straightforward statement about where you stand.
At the end of the process, you will receive an executive briefing that presents findings, expert recommendations, and proposed next steps.
All Rapid Privacy Program Assessments ™ share a process that includes:
- Review of client-supplied artifacts
- Up to 4 days at the client site plus follow-ups completed remotely
- Minutes for review and approval after each meeting
- Preliminary assessment document for review and acceptance
- Final assessment document
Rapid Privacy Program Assessment Contents
- Executive summary
- Assessment process
- Overview of observations
- Comparison with the selected framework (s)
- Improvement recommendations
- Kick-off meeting
- Artifact review
- Privacy Ref interview
- Final report
Receiving a report is only the start of a process. You must then convey the results to your organization, something that can be a challenge if the findings are not delivered in a manner that is easy to consume.
Privacy Ref has broken down legal and other framework requirements into easy-to-understand tables. For each requirement, Privacy Ref Requirements Frameworks ™ identify the source of the requirement, a plain language description of the requirement, and the status of your organization relative to the requirement.
Examples of Privacy Ref’s Requirements Framework that may be applied during an assessment include: