PRIVATECH has extensive experience conducting in-depth privacy assessments of existing on-line and off-line initiatives in order to identify and mitigate privacy risks.
PRIVATECH defines a privacy assessment as an evaluation of business processes to determine the level of compliance with applicable privacy and data protection laws, as well as best practice benchmarks, which includes:
- developing a data flow diagram or data map;
- conducting a gap analysis;
- identifying and reviewing privacy risks; and
- developing privacy risk reduction plans.
Once the business processes are well understood and practices have been compared to the privacy legal requirements, we classify risks based on the probability and impact of a breach or privacy complaint.
Privacy laws considered include Canada's Personal Information Protection and Electronic Documents Act (PIPEDA); the EU General Data Protection Regulation (GDPR); the California Consumer Privacy Act (CCPA); and all other applicable data protection laws.
PRIVATECH’s privacy assessment report will give you detailed recommendations on steps that should be taken to better meet your privacy protection responsibilities.