Group 1 helps you steer your way through data privacy regulations, including GDPR, HIPAA and GLBA.
Subject to Data Privacy Regulations?
GDPR & US Data Privacy
The EU GDPR (General Data Protection Regulation) and its American counterparts (e.g. the California Consumer Privacy Act) require companies that store or process personal data to take specific measures to protect the privacy of their consumers. Violations can result in hefty penalties.
Health care providers and other “covered entities” are required to safeguard protected health information (PHI) in compliance with HIPAA and HITECH rules. Safeguards are largely prescriptive and include both privacy and electronic data security measures.
Under the Gramm-Leach-Bliley Act (GLBA), companies that offer consumer financial products or services are required to take steps to protect the privacy of their customers’ financial information and to safeguard their sensitive data.
Group 1 begins by performing an assessment of your existing privacy and security practices against the relevant compliance framework, such as GDPR, HIPAA or GLBA. The outcome is a plan that charts your course to regulatory compliance.
Establishing Your Privacy and Security Programs
Group 1 offers the full range of preparedness services to help get your compliance program underway, from subject matter expertise to remediation oversight to full program management. The result is an optimally sized privacy program for your company.
Verifying Controls Effectiveness
Group 1 performs independent controls testing to help ensure companies are meeting their regulatory requirements for privacy and data security. The outcome is compliance with the program monitoring requirements as outlined in the various privacy programs.