Your customers, employees, & partners privacy data must remain just that, private. From privacy impact assessments to Privacy Act audits we can ensure no PII escapes your borders and becomes public.
TDI understands how data breaches and exfiltration along with cyber-attacks can disclose our customers’ privacy data which can cripple an organization through extensive response and recovery resources and costs, reputation damage, and litigation. Privacy is one of the biggest cybersecurity concerns of organizations today. In the current climate of endless cyber-attacks and inferior cybersecurity defenses, TDI uses several methods to ensure our customers’ privacy data is protected. Our goal here is succinct – we strive to keep our customers’, their customers’, their partners’, and their employees’ personally identifiable information or PII (data that is used to identify a specific individual) safe through a holistic cybersecurity approach to ensure privacy data is secure. In other words, securing privacy data does not come from a “fire-and-forget” approach to privacy alone, rather it stems from a well thought out program for cybersecurity.
As an example of our support, TDI can help you address your privacy concerns by conducting a privacy impact assessment (PIA) to examine your organization’s information systems to identify privacy data that requires special handling. We routinely conduct PIAs to identify and reduce privacy risks within our customers’ organizations. TDI can accurately report to you how secure your systems are and what measures can be taken to reduce attacks which might expose sensitive PII. Upon completion of a PIA, you will be able to answer:
- What information is being collected; e.g., nature and source
- Why the information is being collected; e.g., to determine eligibility
- The intended use of the information; e.g., to verify existing data
- With whom the information will be shared; e.g., another agency for a specified programmatic purpose
- What opportunities individuals have to decline to provide information where providing information is voluntary or to consent to particular uses of the information, other than required or authorized uses, and how individuals can grant consent
- How the information will be secured; e.g., administrative and technological controls
- Whether a system of records is being created under the Privacy Act, 5 U.S.C. 552a
Finally, TDI has extensive experience in guiding organizations on synchronizing PIA events with established regulatory framework timelines to streamline your overall security compliance support operations, whether it be FISMA, SOX, GDPR, or GLBA.
This is schoolyard stuff – a secret entrusted to you needs to remain private. TDI can help you keep a secret.