Maintaining a fully staffed privacy office is costly and difficult for most organizations, and shifting global, federal and state data privacy and security regulations make the challenge even greater.
To help clients manage the strain on their internal privacy teams, Focal Point regularly serves as an extension of our clients’ privacy offices, performing privacy assessments and other services that require an independent perspective, technical expertise or resourcing support unavailable in-house. Focal Point's library of templates and best practices – developed through our work with global companies across all industries – can be leveraged to jump start or enhance an existing privacy program. Regardless of the project, our objective is to add value to your privacy office by providing unparalleled expertise, proven approaches and sustainable privacy solutions.
For executives and privacy offices needing visibility into the privacy ecosystem, Focal Point regularly provides independent privacy risk assessments. Our assessments seek to determine what, how, where and why sensitive data is being stored and collected – and compare the effectiveness of your privacy controls against compliance mandates and industry best practices. As a result of our assessment, we provide executive-level and technical detail around your data life cycle, privacy practices, storage requirements and IT policies and procedures. Our final deliverable includes a detailed gap assessment and remediation strategy, allowing your organization to prioritize remediation efforts, minimize the exposure of the most sensitive data and ultimately reduce the risk of data loss.
Effective and compliant policies and procedures are your first line of defense against data loss. Focal Point assists organizations with the creation of national and global data privacy policies and data protection procedures. We ensure that all newly created policies and procedures align with industry best practices and regulatory requirements.
Ultimately, well-designed policies and procedures provide your organization with a framework for continuous monitoring and supply a means for enforcing the privacy principles adopted by your company. Additionally, they serve as a foundation for performing privacy self-assessment audits, as required by certain regulations.
If your organization is breached and sensitive data is compromised, failure to respond appropriately can lead to additional fines, penalties, brand damage and loss of customer goodwill. Having a breach notification plan in place mitigates the damage and allows your organization to recover from the breach in a way that accommodates customer-based information confidentiality regulations. Whether you need full policy creation or are looking to test your existing policies through table-top exercises, Focal Point's privacy team brings the real-world experience to ensure your organization is prepared for all possible scenarios.
With recent changes to the General Data Protection Regulation in the EU, as well as other international data privacy laws, organizations are facing an increasingly complex web of regulations governing the flow of data across borders. Focal Point regularly assesses and establishes organizational compliance with these complex regulations. Leveraging a robust assessment framework, our team identifies and evaluates your cross-border data transfers for both customer and employee personal information. Our approach evaluates the alignment between your operational practices and policies and all relevant privacy regulations. As these regulations continue to evolve, Focal Point's team of legal, compliance and IT audit experts will support your organization and ensure that you have minimized the risk of penalties resulting from non-compliance.