Information Security and Technology Consulting
Privacy Regulations
Privacy of records began with HIPAA for medical records but breaches of millions of records from major social media and email platforms has necessitated additional regulation. achieving security LLC can assist with defining, reviewing, and implementing necessary records to keep on hand to maintain the best posture possible for security, and privacy exposure.
GDPR
If you service customers in Europe or process personal data of European Union (EU) residents, you are legally obligated to comply with EU's General Data Protection Regulation (GDPR). Similarly in the US, states are also creating personal data processing requirements.
It's best to make sure you have a "records of data processing" for such data, and a periodic internal audit validation with records kept on file to validate workings of your security controls. We can help craft a continuous improvement records of data processing solution customized for your controls.
Customer and Employee Assurance
With all the various requirements, it makes sense to "do the right thing" and have a consistent methodology for handling the privacy of customer data, employee data, and intellectual property.
