Organizations of all types are struggling with protecting access to non-public personal information (NPPI) / Personally Identifiable Information (PII) on customers and employees. With public disclosure of security breaches mandated by numerous privacy regulations, protecting access to confidential information is imperative. The consequences of failure are significant, including brand damage, erosion in customer trust, and negative impacts on market capitalization.

Over thirty states have now enacted information privacy and security breach legislation such as SB 1386 and 201 CMR 17. These individual regulations require that organizations provide adequate protections for confidential information, and in the event of a security breach, many require public disclosure of the event to affected consumers. At the U.S. federal level, existing regulations such as Gramm-Leach-Bliley and HIPAA contain provisions regarding the protection of non-public personal information. And organizations operating internationally are subject to various privacy regulations as well. Beyond the penalties described in the various laws and regulations, class-action lawsuits are now becoming common as a result of security breaches involving consumer information.

Complying with information privacy legislation requires organizations to understand which regulations impact them, to assess where in their environment personal data is stored and used, to classify and inventory personal data, and to develop and maintain adequate controls to protect access to this information. Specific problem areas in information privacy compliance include:

• Identifying where NPPI/PII information is stored and used within the organization is a challenge
• Determining which privacy regulations impact the business, and understanding and reconciling differences in privacy regulation requirements

Avior ensures that the Information Privacy Knowledge Modules are kept current with all major privacy regulations, including federal regulations in the U.S., Canada, Europe, Japan, New Zealand, and Australia, as well as US state privacy regulations.

Benefits of Avior Information Privacy Knowledge Module include:

• Significantly reduces manual labor for assessment activities, provides simple means to assess where personal data is used and stored, and to classify and inventory data
• Enables management visibility into privacy problem areas and risk hotspots with real-time reporting and analytics
• Reduces the burden on business owners who are tired of completing multiple assessments for each compliance and privacy regulation, eliminating “survey fatigue.”
• Enables the privacy manager to leverage their efforts by distributing the assessment workload
• Reduces assessment costs, provides rapid Return on Investment
  

Home | Solutions | Contact Us