Background & Purpose
Privacy and data breaches are a huge risk to organisations. As the market is becoming more aware of their responsibilities in managing sensitive information, the need for secure and reliable data management systems is self - evident.
A host of recent data breaches brings the issue of privacy to the forefront of business risk and compliance. Penalties for non-compliance are high and the damage of a data breach is irreparable.
The iPrivacy Program was born of this environment where an external assessment of your data management system is what businesses need to feel secure.
How it works
The first step will be that the iPrivacy Assessor will discuss what types of information you collect (how, when, how it is used and how it is stored). The Assessor can then plan an approach to come onsite. Once onsite, the Assessor will review how this information is managed in more detail and will generate a report including an assessment of the level of privacy and data breach risk.
The assessment is a high level onsite review. It is designed to efficiently identify potential areas of risk in your business. Depending on the outcome a subsequent privacy impact assessment, to fully review all information and its flow through impact on your organisation, could be a logical next step, particularly if your privacy risk is high.
The assessment might also identify that a subsequent assessment of data security vulnerabilities by an IT Security specialist may be appropriate. Many organisations have trouble with retention of data– how much to keep and when is it OK to remove data?
Often the privacy and security are in place, but vulnerability is around staff awareness and the implementation of controls. The iPrivacy Assessment is a quick and economic way to identify any key risks that may impact your business.