Data Privacy Policies & Data Protection Procedures
Policies and procedures establish a baseline by which all work should be performed and help ensure that each task, from the most basic and routine to the most complicated and critical, are executed properly and consistently.
Sunera can assist an organization in creating national or global corporate data privacy policies and data protection procedures. These polcies and procedures will be created to align with industry best practices and regulatory requirements taking into account the organization’s corporate environment and business model. When creating the policies and procedures, we typically utilize the information gathered through a privacy risk assessment to ensure that what is created is appropriate for the organization.
The creation of the policies and procedures typically involves a privacy committee as well as other key stakeholders identified during the assessment. Ultimately, the newly created policies and procedures can provide a framework for continuous monitoring throughout the organization and supply a means for enforcing the privacy principles adopted by the company. Additionally, they can also serve as a basis from which to perform privacy self-assessment audits, as required by certain regulations.
Sunera has helped many organizations develop, formalize and/or re-evaluate their data privacy policies and procedures to ensure they are meeting the needs of the organization as well as regulatory requirements such as HIPAA, GLBA and PCI compliance. Through observation, documentation review, along with interviewing business process owners and management, we are able to formalize and optimize the organizations policies and procedures.
