Review of Privacy Practices

Privacy Practices

Privacy concerns exist wherever personally identifiable information or other sensitive information is collected, stored, used, and finally destroyed or deleted in digital form or otherwise. Improper or non-existent procedures for data disclosure are often a root cause of privacy issues. Organizations are not always aware that privacy laws cover categories of personal information including:

The challenge of data privacy is to utilize data while protecting individual’s privacy preferences and their personally identifiable information. The fields of computer security, data security and information security design and utilize software, hardware and human resources to address this issue. As the laws and regulations related to privacy and data protection are continually changing, it is important to keep abreast of any changes in the law and regularly reassess compliance with data privacy and security regulations.

Project Objective

Review the privacy practices of a key player in power generation and mitigate risk using KI Design’s risk-based approach to data privacy and security.

Approach

KI Design conducted a privacy, security, and risk assessment for technical and non-technical asset data flows. We conducted a review in three stages:

Investigation and Maturity: Building a profile of the organization’s privacy history and goals, including current privacy concerns

Privacy and Security Risk Assessment: Taking inventory of data assets, vulnerabilities, risk levels, and mitigating controls in order to assess compliance with legislative obligations and industry best practices

Recommendations and KI Tools: Creating a simple, scalable plan to grow the organization’s privacy maturity, defining risk mitigation steps and program strategy

At the end of the project, we provided a Maturity Assessment, a Privacy and Security Assessment, and a Privacy Plan tailored to the needs of the organization.

Methods

Highlights

KI Design has a proven track record of successful engagement with a wide variety of clients from the public and private sectors, including from government. Our privacy review services leave our clients assured of compliance, and prepared to address upcoming challenges.