TrustArc Blog

Why Companies Need a Privacy Partner

November 28, 2016

K Royal, CIPP/US, CIPP/E, Sr. Privacy Consultant Companies need a privacy partner, not just a privacy consultant. This is a concept that I have learned with our clients while being a part of the consulting team at TRUSTe. Having been a privacy officer (both as an attorney and a non-attorney) in several industries – healthcare, medical devices, emerging technology and with clients ranging from local government to national, from financial to education in the global realm and specifically within the US sectors – I cannot say that I have seen it all, but I have seen a whole lot of … Continue reading Why Companies Need a Privacy Partner

April Spotlight Events — IAPP Intensive, RSA Conference & More

April 01, 2015

  • April 9th, 9-10 a.m. PT

Preparing for the EU Data Protection Regulation Webinar

This fourth webinar in the Privacy Insight Series is titled, “Preparing for the EU Data Protection Regulation.” The webinar will cover key changes in the current draft of the General Data Protection Regulation, how those changes will impact businesses and steps businesses can take to have a plan in place in order to comply. Speakers include John Bowman, Senior Principal at Promontory and former lead negotiator for the UK on the regulation at the DAPIX working group in Brussels; Christian Wiese Svanberg, Attorney-at-Law, Plesner, former Danish Ministry of Justice; Josh Harris, Director of Policy at TRUSTe; and Steve Wright, Chief Privacy Officer at Unilever.

 

Register here.

Read more “April Spotlight Events — IAPP Intensive, RSA Conference & More”

Privacy Impact Assessments: Final Steps

February 03, 2015

This post is part 4 of a 4 part series about Privacy Impact Assessments (PIAs). 

Every day, Internet users around the globe generate nearly 2.5 quintillion bytes of data. That number will only grow as connected devices become more ubiquitous and our world becomes even more connected.

With all that data, companies need to ensure users’ information is protected. Taking this important step not only protects users and clients, but also helps to ensure companies mitigate risk and protect their reputations.

A PIA is a great way for companies to assess their privacy practices. The six-step process starts with high-level privacy questions, then steps 2 and 3 take a deeper dive into the intricate privacy practices and data flows of organizations to check for gaps that could lead to privacy problems.

Read more “Privacy Impact Assessments: Final Steps”

Privacy Impact Assessments: Creating a Data Map

January 27, 2015

This post is part 3 of a 4 part series about Privacy Impact Assessments (PIAs) that we will be posting weekly.

Privacy officers, executives and project managers all benefit from PIA insights to ensure the privacy practices at their organizations are ethical and safe.

There are a total of six steps when conducting a PIA. Our previous posts focused on the value of PIAs for organizations and the initial steps needed to conduct a PIA. The next steps focus on asking more detailed privacy questions and taking a deeper dive into a company’s privacy practices.

The second step of a PIA is to describe the information flows, also called data mapping.

Read more “Privacy Impact Assessments: Creating a Data Map”

Starting a Privacy Impact Assessment

January 20, 2015

This post is part 2 of a 4 part series about Privacy Impact Assessments (PIAs) that we will be posting weekly. 

Not too long ago privacy was an after-thought; something that most customers and companies weren’t overly concerned about. Now, most consumer concerns around connected devices include privacy breaches and unauthorized information gathering. Many companies have ramped-up their privacy department from one person to an entire staff to ensure consumer data is collected in a safe and transparent way, while mitigating risk for the organization.

Conducting a PIA is a great way for a company to evaluate its privacy practices and pinpoint any weak areas. The purpose of a PIA is to evaluate an organization’s awareness of how it handles consumer and employee information, and allow companies to mitigate risk and monitor privacy risks throughout the development and growth of a company and its products.

Read more “Starting a Privacy Impact Assessment”

Mitigate Risk, Protect Consumer Data With a Privacy Impact Assessment

January 13, 2015

This post is part 1 of a 4 part series about Privacy Impact Assessments (PIAs) that we will be posting weekly. 

The importance of privacy will only grow over time. The amount of connected devices is increasing exponentially – and with that, so is the amount of personal data flowing on the Internet ­– possibly exposing people to risk.

The Privacy Impact Assessment, commonly known as a PIA, is a process for identifying, assessing and mitigating privacy risk for a specific product, service or system. The PIA serves to help companies see where they stand in terms of privacy practices, thereby also helping companies protect consumers’ personal data.

Big data presents a lot of commercial opportunities for businesses, but that data must be mined safely. A number of high-profile companies have made headlines for privacy breaches, and although it’s possible to recover, it can be a long and slow process.

Business of all sizes should conduct a PIA. For companies that want to be around for the long term, privacy is no longer an option.

Read more “Mitigate Risk, Protect Consumer Data With a Privacy Impact Assessment”

Subscribe to Blog