
PRIVACY ASSESSMENTS

Our suite of privacy attestation services includes compliance requirements with domestic, cross-border, and foreign obligations.


OUR PRIVACY ASSESSMENT SPECIALIST

AVANI DESAI

PRIVACY ASSESSMENTS PRACTICE LEADER

“Considering the massive amount of personal information being created, transferred and stored today as well as the economic, political and social concerns over transborder data flows, adherence to privacy laws and standards has proven to be a challenging imperative of doing business and maintaining a company’s reputation.”

INTERNATIONAL PRIVACY LAW

International privacy laws often vary in breadth and rigidity. Companies with a customer footprint spanning outside of their country or region may need to demonstrate compliance with the General Data Protection Directive (GDPR), the Personal Information Protection and Electronic Documents Act (PIPEDA), and other foreign privacy principles that differ from or even conflict with their own.

EU-US PRIVACY SHIELD

The invalidation of the Safe Harbor framework and negotiations between the United States and the European Union produced a new set of standards for companies operating abroad. Understanding and carrying out the overhauled requirements of the EU-U.S. Privacy Shield will be essential for guaranteeing harmonious data flows and cementing relations with your European counterparts.

US SECTORAL PRIVACY LAW

The American sectoral privacy model has given birth to an array of individual laws specific to industry and societal concerns like the Health Insurance Portability and Accountability Act (HIPAA), the Gramm-Leach-Bliley Act (GLBA), the Family Educational Rights and Privacy Act (FERPA), and the Children’s Online Privacy Protection Act (COPPA).  Depending on the nature of your IT products or services, you may be bound to one or more regulations, and will be expected to develop policies and procedures that comprehensively satisfy them.

STATE PRIVACY LAW

Nearly all of the 50 states now have some form of privacy law in place, and state law can sometimes be even stricter than the overarching federal laws.  Whether driven by statutes or common law, accounting for these business and legal obligations can be onerous.

READINESS ASSESSMENT

A readiness assessment helps an organization align with the requirements stipulated in a privacy framework like the GDPR or GLBA through the formal review of data privacy and security policies, procedures, and technologies in place. Ultimately, this exercise will identify those areas where compliance gaps exist and allow for necessary remediation. At the engagement’s conclusion, a report is issued for internal use to communicate the assessment’s results and provide key information on design deficiencies.

ATTESTATIONS

An attestation can be carried out in accordance with the standards of the American Institute of Certified Public Accountants (AICPA) to opine on the design and/or operation of the data privacy and security program in place to comply with privacy laws and standards.  Attestation reports are intended for the use of clients as well as the user entities of the clients’ products and services.

 

FEATURED INSIGHTS

FEATURED REPORT

EVERYTHING YOU NEED TO UNDERSTAND & COMPLY WITH PRIVACY SHIELD

If your company handles or wants to handle personal data from EU citizens, it will have to comply with and prove it meets the requirements of Privacy Shield.


Get everything you need to know about the changing Privacy Shield, how to be compliant and much more in this guide.