GoSecure Privacy & Compliance Services
Improve Data Protection

GoSecure Privacy & Compliance Services evaluate and improve data protection and privacy practices to help achieve compliance objectives.

Industry and geography-based requirements to protect data privacy are complex and rapidly evolving. Laws and regulations are designed to help organizations take the right steps to ensure information is safe, but complying can be both costly and time-consuming without professional expertise and regular evaluation against compliance goals.

The consequences of a data privacy breach can be catastrophic to both the reputation and finances of an organization. GoSecure has the expertise to help navigate the complicated regulatory landscape and support organizations to protect consumer data.

  • A comprehensive Privacy Practices Assessment delivered by the trusted privacy and security experts at GoSecure will evaluate the current privacy programs in place, assess the regulatory landscape that applies to an organization and help improve compliance with regional, national and international data protection standards.
  • GoSecure offers merchants and service providers Payment Card Industry Data Security Standard (PCI DSS) services. In Canada, that includes delivering a Report on Compliance (ROC) as a Qualified Security Assessor.

At GoSecure, experts don’t just hand over a report full of failed measures — the team works with clients to achieve compliance standards through hands-on collaboration with global experts.

GoSecure Privacy Practices Assessment (PPA)

Organizations across the globe benefit from connectivity tools that allow consumers to access their products and services, but this creates a burden when the expectation to comply with data privacy standards is placed on organizations that are unprepared for or unfamiliar with those expectations. Even organizations with privacy programs struggle to keep up as regulations are added and updated. According to a recent survey of the International Association of Privacy Professionals, privacy professionals consider complying with international data transfer laws the most difficult task they face, and the top concern they are asked to report on to boards of directors is data breaches.

The Privacy Practices Assessment (PPA) is a two-step process designed to deliver a comprehensive appraisal of data protection practices with actionable insights and improvement recommendations to help organizations meet their compliance objectives.

Step 1

The initial Privacy Practices Review (PPR) will:

  • Gauge the current internal and external privacy ecosystems at an organization
  • Assess applicable data protection legislation and regulations based on geography, business model, industry, etc.
  • Identify privacy and compliance program goals

Step 2

The full Privacy Practices Assessment (PPA) is customized to the needs of the organization, based on findings from the PPR, to deliver an evaluation of the organization’s ability to:

  • Comply with applicable consumer data privacy standards
  • Respond to data breaches and other privacy challenges
  • Meet organization privacy goals

The PPA includes nine critical concepts guiding a framework of more than 70 individual corresponding elements to deliver a comprehensive privacy appraisal and drive improvements.

Why Consider a GoSecure Privacy Practices Assessment?

  • Experienced professionals at GoSecure designed the proprietary PPA program on a core methodology built from the ‘fair information principles’ on which all privacy legislation around the world is foundationally based.
  • The PPA also blends best practices from ISO/IEC 27701 & the NIST Privacy Framework to ensure a comprehensive approach.
  • The PPA is a personal engagement with the skilled and trusted Privacy and Security experts at GoSecure who work with clients through a collaborative, interactive approach that delivers tangible guidance and improvements – not an automated questionnaire with pre-programmed scoring.
  • PPA reports and recommendations are insightful and actionable, with clear associations to the critical concepts in the framework which make them easily shared with leadership and boards of directors.
  • GoSecure is a trusted and proven expert in cybersecurity who understands how to protect against breaches, offering a multi-disciplinary perspective to data protection recommendations.

Understanding Who’s Impacted by Key International Data Protection Regulations

Regulation or Law: Who's Impacted?

Personal Information Protection Electronic Documents Act (PIPEDA)

Organizations that collect, use or share personal information in Canada.

There are some limited exemptions, and some Canadian provinces have their own stringent privacy laws that supersede PIPEDA. Ask a GoSecure expert to learn more.

Bill 64 – Quebec, Canada

“An Act to modernize legislative provisions in regard to the protection of personal information.”

Organizations that collect, hold, use or disclose personal information while offering goods or services to the residents of Quebec. This includes public agencies such as the government, municipalities, schools, healthcare and social services.

General Data Protection Regulation (GDPR)

Any organization that collects and processes personally identifiable information within the European Union (EU) or targets or monitors/tracks EU citizens and has more than 250 employees—and smaller organizations that collect and process data electronically.

The law also included standards for citizens to access the data collected by organizations.

California Consumer Privacy Act (CCPA)

There are three main criteria and businesses need only meet one:

  • Sell products and services to residents of CA and have more than $25M in revenue
  • Collect information on more than 50,000 households
  • Earn 50% or more revenue from selling personal data

United States (US) State-specific Consumer Privacy Laws

New York, Colorado, Virginia and other US states have passed, proposed or are considering their own legislation to protect the data of their citizen consumers.

Don’t see your data protection standard here? Contact us to see how we can help!

GoSecure Payment Card Industry Data Security Standard (PCI DSS) Services

GoSecure supports merchants and service providers with Payment Card Industry Data Security Standard (PCI DSS) services. In Canada, the team is able to take these services to the next level as a Qualified Security Assessor.

  • Report on Compliance (ROC) – As a Qualified Security Assessor, GoSecure will conduct the extensive and thorough onsite evaluation required to deliver the ROC.
  • Self-Assessment Questionnaire (SAQ) – Get the guidance needed to complete the SAQ and understand any gaps identified through the assessment.

Payment Card Industry Data Security Standards (PCI DSS)

  • Secure Networks with Monitoring and Regular Testing
  • Practices and Standards to Protect Cardholder Data
  • Strong Access Controls
  • Keep Systems and Applications Up to Date and Maintain a Vulnerability Management Program
  • Information Policies and Notification Procedures

Get the expert help needed to achieve compliance objectives for privacy and compliance standards.

Contact us to learn how organizations have already benefitted from our advisory approach.
