Our Privacy Services include Governance Workshop, Attestation Service, and Privacy Impact Assessment
Privacy Governance Workshop
Privacy Ref’s Governance Workshop, one of our privacy services, allows your privacy team to develop the foundational components for your privacy program. It is designed to enable your privacy team and primary stakeholders to lay the groundwork for a successful, evolving program. The Governance Workshop allows you to put privacy program management theory into practice. Activities include:
- Defining your mission/vision statement
- Defining your scope
- Identifying your participants and stakeholders
- Defining the privacy program activities
- Defining your extended team
- Mechanisms to measure your success
- Tools to estimate the cost of a data breach
- Methods to compare your program to an industry-standard
Once you have researched the laws and regulations you are required to meet, established your organization’s policies and procedures, and rolled out your privacy program to the organization, a couple of questions remain.
- How do you know the privacy program is working?
- How do you verify that policies and procedures in place are being adopted?
- How will you address the situation if they are not?
Privacy Ref’s Attestation Service implements a tailored privacy compliance program without the associated overhead to manage it. With this service employees and third-party processors periodically attest to meeting their responsibilities, including providing supporting evidence. Privacy Ref will analyze the responses and then deliver easy to understand reports containing action-oriented steps to focus on filling any gaps in compliance. Privacy Ref will implement, manage, and maintain the whole system, allowing your privacy program to continuously evolve and improve while being assured compliance is being maintained.
Privacy Impact Assessments
Privacy Ref will:
- Review your privacy and related policies,
- Define Privacy Threshold Assessment and Privacy Impact Assessment questionnaires,
- Implement the questionnaires using an industry-recognized assessment tool, and
- Administer the program including analysis of the submitted PIAs.