PRIVACY
DATA
Privacy is not governed by the same principles as information security. This is reflected in the way regulators and industry groups separate the compliance requirements for these two domains.
Even if your organization treats Privacy and Security as one single business issue to be managed, you should avoid accepting 'generic' assessment methods to handle the privacy of your client, patient, or employee data.
A proper Privacy Impact Assessment (PIA) must follow specific industry frameworks. One of them is known as the Generally Accepted Privacy Principles (GAPP). These are the same fundamental principles used to build the Canadian and American Privacy legislations such as PIPEDA and the Privacy Act, which you are assessing against.
This is why a generic assessment will waste valuable time and resources without meeting your compliance needs. Someone proposing this approach would probably have very little experience with Privacy.
Your Privacy compliance should be handled by a certified Privacy professional.
Strata Privacy professionals are trained and accredited by the International Association of Privacy Professionals (IAPP). We strictly follow the IAPP and GAPP guidelines for conducting PIAs.
In general, a PIA is required in the early stages or a project, usually during the definition phase of a new program or system which requires the collection and storage of personal information. As part of this process, potential privacy risks and implications are identified and qualified.
We deliver value by:
-
Providing a complete view of the privacy practices in place
-
Conducting a detailed analysis of all personal information being collected and disseminated through various relationships with other entities
-
Offering pragmatic solutions to effectively manage privacy issues associated with the initiative
-
Ensuring that your program or system is compliant with all applicable legislations and policies
A PIA will demonstrate that privacy remains a priority throughout the development cycle of your initiative or program.
Contact us today to get started.