Privacy Services
We provide a range of privacy services including assisting with Privacy by Design to ensure privacy is embedded in your projects, Privacy Impact Assessments to assess and suggest appropriate privacy controls for current solutions, to maturity reviews to determine your organisational posture.
|
Privacy Impact Assessments
A Privacy Impact Assessment (PIA) is used to identify potential risks arising from the collection, use or handling of personal information, to ensure organisations are meeting their legal obligations. It may be conducted on new systems or existing systems, specifically after changes are being applied.
Privacy Maturity Assessments
PrivSec can assist you in conducting your Privacy Maturity Assessment Framework (PMAF) assessments. This includes reviewing the following elements to determine your organisations current maturity:
- Governance, Leadership and Accountability
- Culture
- Assurance
- Information Management
- Privacy Risk Assessment
- Privacy Programme
- Business Processes
- Implementation of the Information Privacy Principles (IPPs)
- Breach & Incident Management
Privacy by Design
Incorporating security and privacy design principles early on in the development of a new system or service saves both time and money down the road, reducing costs of rework and delaying go-live dates. PrivSec can review your design documentation and attend workshops to help align your services with best practice.
In comparison with a Security Design Review, a Privacy Design Review will tend to focus more on the context for collecting the information as well as the way it is handled, than the details of implementation. Both are complementary and can be combined.
In comparison with a Security Design Review, a Privacy Design Review will tend to focus more on the context for collecting the information as well as the way it is handled, than the details of implementation. Both are complementary and can be combined.
Virtual Privacy Officer
Every organisation is required to have a privacy officer, as mandated under the Privacy Act 2020. PrivSec can assist your organisation to fulfill this obligation with our privacy expertise. We ensure you are complying with the Privacy Act and privacy best practices, including ongoing advice and support. Some examples of services include:
- Staff education and training
- Development of privacy policies
- Privacy Act 2020 and GDPR compliance advice
- Managing privacy breaches