Services
Privacy
Awareness and Training
Improve your organisation’s posture and resiliency. Tailored coaching and training to coordinating with the IAPP for their official CIPM Privacy Program Management training. Your staff is on the front line of either handling data responsibly or putting your business at risk. We can coach and train your staff to ensure policies and procedures are well understood and reduce your business being vulnerable to data incidents and related harms. For complete Privacy Program Management, we coordinate directly through the International Association of Privacy Professionals (IAPP).
Privacy Program Management Training
Every department of an organisation that processes personal data (marketing, finance, human resources and customer service) has privacy responsibilities that can expose their organisations to financial loss and damage to reputation. IAPP Privacy Program Management Training, the training aligned with ANAB-accredited CIPM certification, gives professionals the skills to operationalise privacy and minimise risks to reputation from improper handling of personal data.
To learn more about the IAPP, click here. For additional information on how to organise training through the IAPP, e-mail katrina@agreaprivacy.com.
Assessments
- Developing a data flow diagram or data map
- Conducting a gap analysis
- Identifying and reviewing privacy risks
- Developing privacy risk reduction plans
- Embedding privacy by design into products and services by performing Privacy Impact Assessments (PIAs)/ Data Protection Impact Assessments (DPIAs).
Once the business processes are well understood and practices have been compared to the privacy legal requirements, we classify risks based on the probability and impact of a breach or privacy complaint. Privacy laws considered: the EU General Data Protection Regulation (GDPR); the California Consumer Privacy Act (CCPA/CPRA); and all other applicable data protection laws.
A privacy assessment report will give you detailed recommendations on steps that should be taken to better meet your privacy protection responsibilities and help strengthen your privacy posture.
ESG & Sustainability
Reporting and Communications
In a broader context, data privacy and protection practices impact an organisation in all three areas of Environmental, Social, and Governance (ESG, there are various frameworks of reporting) and Sustainability (broader overall impact to future generations). Therefore, data protection and privacy initiatives impact overall success of a business and are highly visible to external stakeholders, especially investors.
Organisations that perform a Materiality Assessment and engage with business units to determine and report actions that demonstrate responsible practices, including treating data privacy as a sustainability issue will improve the content needed for ESG reporting.
Risks can be more effectively managed when recognised early on. Agréa has experience in serving as a liaison between business units to gather input, generate content for reporting efforts. Effective ESG program management requires intuitive reporting and actionable insights to help you set goals and track progress.
Communications - including to demonstrate responsible use of AI/IoT in both areas, privacy compliance and sustainability impact.