From handling online credit-card transactions to electronic transmission of medical records, the need for protecting data and personal information is central to business operations, especially as more and more communication and business operations shift to cloud computing providers.
Privacy needs are growing, whether driven by GLBA policies in the banking industry, HIPAA requirements in the health care industry, Safe Harbor Privacy Principles, or more recent state legislation that mandates privacy rules. Organizations of all kinds need to stay current with such regulations and develop a sustainable privacy risk management program capable of safeguarding their reputation and minimizing exposure to potentially costly non-compliance.
Having a strong, foundational set of privacy procedures is essential to protecting customer privacy and even avoiding lawsuits and other potentially damaging actions. We offer you expertise in services that address the soundness of policies and procedures for protecting data, transactions and the people you do business with.
We can help you create a privacy risk management program to mitigate risks related to the personal data you handle as part of your operations, or that you process on behalf of other companies. Increasingly, you and user entities need to provide customers with reasonable assurance that appropriate controls are in place and operating effectively.
Well versed in the regulatory requirements of HIPAA, GLBA, emerging state legislation and business best practices, we can help you address nearly any area involving privacy assessment and privacy risk management services.
- Conduct an Information Privacy Assessment, which is an examination of and opinion on the effectiveness of your existing information privacy policies and procedures
- Help you design and implement privacy policies and procedures necessary to your industry
- Provide assessment or design services that conform to the AICPA’s Generally Accepted Privacy Principles (GAPP) guidelines
With SJU, you have a privacy risk management partner who stays current with privacy law and can provide solutions for meeting compliance requirements set forth in a constantly growing body of law such as:
- Canadian Personal Information Protection and Electronic Documents Act (“PIPEDA”)
- European Union – Directive on the Protection of Personal Data
- Fair and Accurate Credit Transactions Act (“FACTA”) Red Flag Rules
- Gramm-Leach-Bliley (“GLBA”)
- Health Insurance Portability and Accountability Act (“HIPAA”)
- Health Information Technology for Economic and Clinical Health (“HITECH”)
- Massachusetts 201 CMR 17 (“Mass Privacy Law”) and other state legislation
- U.S. – European Union & U.S. – Switzerland Safe Harbor Framework
Sound business privacy policies and solid assurances about your organization’s privacy and information integrity controls are essential components of doing and growing business today.