Data Privacy Compliance is more relevant than ever today. If you’re collecting as little as an e-mail address from your prospective clients, chances are your organization is subject to a data privacy regulation.
We want to make your life easier by explaining data privacy regulations, how they apply to you, and what steps you should take to cover yourself.
Baseline Data Privacy Compliance
- Counsel around common data privacy regulations specifically relevant to your organization, including:
  - HIPAA (Health Insurance Portability and Accountability Act) for organizations in the healthcare space.
  - GDPR (European Union General Data Protection Regulation) for all organizations that handle data of European Union citizens.
  - CCPA (California Consumer Privacy Act) for all organizations that handle data of California residents.
  - Future State-Specific regulations currently being reviewed.
- Initial Assessment to understand your current data privacy posture, followed by an outline of what you’re missing,
- Clear explanation of your responsibilities to avoid violations,
- Follow-up steps and to-dos for your organization to become and stay compliant,
- Assistance with Risk Assessment (HIPAA) and Data Privacy Impact Assessment (GDPR).
- Drafting and review of relevant documentation and policies, including:
  - Policies and Procedures
  - Breach Notification, Complaints, and Right to Be Forgotten Forms
- Website audit to ensure that you are doing what you need to be doing.
- Software and Service recommendations for maintaining compliance.
Vendor Security Assessment
- Drafting, editing, or review of:
  - Business Associate Agreement,
  - Data Processing Addendum,
  - Personal Information Processing Agreement,
  - or other agreements related to processing of data.
- Vendor Security Assessment audits: drafting and review of assessment questionnaires for your vendors, service providers, and third-party data processors.