Subject to Data Privacy Regulations?

GDPR & US Data Privacy

The EU GDPR (General Data Protection Regulation) and its American counterparts (e.g. the California Consumer Privacy Act) require companies that store or process personal data to take specific measures to protect the privacy of their consumers. Violations can result in hefty penalties.

HIPAA for Healthcare

Health care providers and other “covered entities” are required to safeguard protected health information (PHI) in compliance with HIPAA and HITECH rules. Safeguards are largely prescriptive and include both privacy and electronic data security measures.

GLBA for Financial Institutions

Under the Gramm-Leach-Bliley Act (GLBA), companies that offer consumer financial products or services are required to take steps to protect the privacy of their customers’ financial information and to safeguard their sensitive data.

About Our Data Privacy Services

Privacy Readiness Assessment
Privacy Preparedness
Monitoring Compliance

Privacy Readiness Assessment

Navigating Your Compliance Requirements

Group 1 begins by performing an assessment of your existing privacy and security practices against the relevant compliance framework, such as GDPR, HIPAA or GLBA. The outcome is a plan that charts your course to regulatory compliance.

Privacy Preparedness

Establishing Your Privacy and Security Programs

Group 1 offers the full range of preparedness services to help get your compliance program underway, from subject matter expertise to remediation oversight to full program management. The result is an optimally sized privacy program for your company.

Monitoring Compliance

Verifying Controls Effectiveness

Group 1 performs independent controls testing to help ensure companies are meeting their regulatory requirements for privacy and data security. The outcome is compliance with the program monitoring requirements as outlined in the various privacy programs.