Securing a positive review from an independent third party of an organization’s compliance with privacy and security standards is often necessary before the organization can have access to certain types of information. This kind of requirement is found in an ever-growing number of regulations controlling access to personal data collected and retained by state and federal governmental authorities. It is also increasingly being found as a contractual requirement for commercial organizations to allow access to personal information under their stewardship by other commercial organizations, such as in the supplier context.
The regular review of an organization’s compliance with privacy and security standards may also be necessary in order to comply with a judgement or consent decree at either the state or federal level. This has become an expected part of Federal Trade Commission and state attorney general enforcement action consent decrees, as well as in settlements of privacy-related class actions and private lawsuits.
PAI has the experience, credentials, resources and processes to conduct these kinds of reviews and certify the resulting conclusions. Our reviews are completely objective, but our client-orientation dictates that we work hard to meet your time requirements for completion.