Build a plan and develop processes to meet compliance for GDPR, CCPA, HIPAA and other privacy regulations using Rhymetec privacy expertise.
I What is a privacy compliance program
I Why Managed Privacy Services?
I How we do it
A multi-blended, simulated attack orchestrated from the perspective of a bad guy or group of bad guys. The objective is to realistically simulate a virtual and physical security attack and attempt to uncover security vulnerabilities that might otherwise be discovered by bad actors.
I Phase 1 – Privacy Assessments
Rhymetec strives to provide reports to our customers that truly reveal the vulnerable attack surface of your organization and that detail meaningful, real-world mitigations. Rhymetec does not copy and paste scanning results in our reports. Rather, you will find a full narrative that navigates the customer through the assessment. Our finding write-ups are based on our security consulting experience across many industries and are tailored to your organization’s specific situation.
I Phase 2 – Privacy Program Development
After identifying risks and building a remediation plan, the next phase is to design, build and implement processes and tools to address compliance requirements. Rhymetec offers privacy programs development in accordance with privacy regulations.
I GDPR Privacy Development
- GDPR Privacy Governance Committee and Employee Training
- GDPR Data Inventory and Mapping (including Article 30 reporting)
- GDPR Third Party Risk Management/Vendor Management
- GDPR External and Internal Privacy Notices
- GDPR Policies and Standards (including Data Protection Addendums)
- GDPR Online and Offline Notice and Choice
- PIA/DPIA (including Article 35 reporting)
- GDPR Incident Response Planning (including simulation exercises)
- GDPR Individual Rights Management
I CCPA Privacy Development
- CCPA Privacy Governance Committee and Employee Training
- CCPA Data Inventory Program (including 12 month “look-back”)
- CCPA Risk Assessment Program
- CCPA Transparency Program
- CCPA Use, Retention and Disposal
- CCPA Third Parties and Onward Transfer
- CCPA Choice and Consent
- CCPA Children’s Protection
- CCPA Access and Individual Rights Management
- CCPA Incident Response
- CCPA Policies and Standards
I Phase 3 – Privacy Program Management
- Privacy Office and General Privacy Operations Support
- Privacy and Data Governance Committee Development
- Data Inventory and Mapping
- Privacy by Design Integration
- PIA and DPIA Development
- Data subject and Consumer rights
- Marketing and Website Consent
- Vendor and Third Party Data Management
- Onward Data Transfer Procedures
- Security for Privacy
- Data Breach and Incident Response Planning
- Internal Privacy Policies and Standards
- Employee Privacy Training and Workshops
I Ready to discuss?