Safeguarding and proper handling of personally identifiable information (PII) is a key consideration in today’s cyber threat environment. It is necessary to protect PII during its collection, reception, storage, dissemination and destruction. How an organization performs these functions can not only impact customers, but the organization itself. Protecting PII is essential to an organization’s reputation, bottom line and legal standing.
PKH Enterprises employees a number of professionals familiar with assessing an organization’s privacy posture as implemented in policy, processes and technologies. We maintain current knowledge of applicable federal and state privacy laws and accreditation standards, and we monitor advancements in information privacy technologies to help ensure organizational adaption and compliance. Our expertise allows us to provide services that enable compatibility across identity provider regimes.
During a privacy assessment, we identify:
- Conformance Requirements – The legal, regulatory, and policy requirements for privacy that are applicable to your organization.
- Risks and Effects – Strong and weak measures that your organization is using to protect PII and ways to improve them.
Our relationship with your team does not end at the privacy assessment; we will work with your organization to build a comprehensive privacy structure. We have expertise to:
- Work with your organization’s privacy officer to perform Privacy Impact Assessments to determine the what, why, and how of collecting, using, accessing, sharing, safeguarding, and storing of PII.
- Evaluate the protections that your organization has in place and suggest additional or alternative processes to mitigate privacy risks.
- Assist in the identification, implementation and maintenance of an organization’s information privacy policies and procedures.
- Provide privacy training to staff.
- Establish policies and procedures for the appropriate access, inspection, and amendment of PII.
- Develop processes for receiving, documenting, and tracking complaints concerning the organization’s privacy policies.
- Promote activities to foster information privacy awareness within an organization.
- Advise on the establishment and operation of privacy-related governance bodies.
- Build system-related information security plans throughout your organization’s network to ensure alignment between security and privacy practices.