Compliance

Know how your organization can get on the path to compliance

Disini Data Privacy Compliance Process

START

Information is part of the modern economy’s DNA. From the solo practitioner to the multinational giant, every business needs to process personal information – of customers, or employees – as an indispensable part of their operations. The Data Privacy Act protects data subjects and imposes new responsibilities on personal information controllers over how they process data.

STEP 1 – Taking stock

The law applies to many types of information and information processing. Businesses need to take stock of all the data that they hold and determine if these are covered by the law. Data privacy compliance should start with an extensive gap analysis of the enterprise’s information operations, ensuring that the entire lifecycle of information through the organization is accounted for.

STEP 2 –Thorough analysis

Unlike other forms of compliance reviews, data privacy issues can be contextual. Who is the data subject? Does the data subject have an expectation of privacy to the information? Is it lawful or fair to process this data under the circumstances? To this, one must add the layered, interdependent nature of digital information systems. A compliance review requires a sure footing in both the law and technology.

STEP 3 – A customized roadmap

Every business is different, and their path to data privacy compliance must take into account the nature of the data being processed, the nature of the processing and the risks it presents to the data subjects, as well as current best practices that are appropriate for the organization and its resources.

STEP 4 – Integrated path to compliance

Data privacy compliance is not just a matter of procuring the right technology for data security. The “right” firewall or database that is certified “data privacy compliant” will not shield you from liability. While data security is one of the central components of data privacy, and technology has a role to play in all this – data privacy compliance requires more.

STEP 5 – Space for growth

As your organization grows and takes on new functions – this may involve collecting more personal information and performing additional information processing. These new activities must also be studied for their impact on privacy compliance, and structured appropriately to minimize your organization’s exposure.

The Disini Data Privacy Compliance Process is an integrated set of tools and practices that will help you get on the path to compliance. It is designed and implemented by a world-class team of experts, with years of expertise working with information technology systems and the law.

Be Compliant.
Learn More
  • START

    Information is part of the modern economy’s DNA. From the solo practitioner to the multinational giant, every business needs to process personal information – of customers, or employees – as an indispensable part of their operations. The Data Privacy Act protects data subjects and imposes new responsibilities on personal information controllers over how they process data.

  • STEP 1 – Taking stock

    The law applies to many types of information and information processing. Businesses need to take stock of all the data that they hold and determine if these are covered by the law. Data privacy compliance should start with an extensive gap analysis of the enterprise’s information operations, ensuring that the entire lifecycle of information through the organization is accounted for.

  • STEP 2 – A thorough analysis

    Unlike other forms of compliance reviews, data privacy issues can be contextual. Who is the data subject? Does the data subject have an expectation of privacy to the information? Is it lawful or fair to process this data under the circumstances? To this, one must add the layered, interdependent nature of digital information systems. A compliance review requires a sure footing in both the law and technology.

  • STEP 3 – A customized roadmap

    Every business is different, and their path to data privacy compliance must take into account the nature of the data being processed, the nature of the processing and the risks it presents to the data subjects, as well as current best practices that are appropriate for the organization and its resources.

  • STEP 4 – An integrated path to compliance

    Data privacy compliance is not just a matter of procuring the right technology for data security. The “right” firewall or database that is certified “data privacy compliant” will not shield you from liability. While data security is one of the central components of data privacy, and technology has a role to play in all this – data privacy compliance requires more. It means new practices and documentation, establishing a system of stewardship over the personal information held by your organization.

  • STEP 5 – Space for growth

    As your organization grows and takes on new functions – this may involve collecting more personal information and performing additional information processing. These new activities must also be studied for their impact on privacy compliance, and structured appropriately to minimize your organization’s exposure.