Data Privacy Services: Privacy by Design

PRIMARY CONTACTS:
Eric M. Wright CPA, CITP
Eric M. Fair CISA, CDPSE, CBCLA  

Privacy by design is the process where data privacy and protection are embedded throughout the entire technology lifecycle, from the early design stage through deployment, use and ultimate data disposal or disposition. The concept is for organizations to build privacy directly into technology, systems and practices to ensure consideration and ongoing protection of data privacy.

Privacy by design provides an opportunity to: 

  • Reduce an organization’s data footprint in an effort to minimize the threat landscape;
  • Limit data collection and use to only justifiable business needs; 
  • Build in functions to easily identify and delete data in accordance with retention requirements; and
  • Align the enterprise privacy program with business strategies.

Our approach to Privacy by Design ensures that privacy and security controls are aligned with an organization’s tolerance for risk, its compliance with regulations, and its commitment to building a sustainable privacy-minded culture. 

The qualities of this concept include:

  • Being proactive, by default, ensuring privacy controls are part of the system engineering requirements, testing for effectiveness and monitoring continuously. 
  • Embedded privacy controls into systems and applications, auditing them for regulatory compliance and evaluating them when new threats to information systems are discovered.
  • Demonstrating respect for users through transparent coexisting privacy and security controls, where the protection of organizational information assets is enabled without unnecessary trade-offs.

Don’t forget… Privacy by Design is an element of the GDPR.

Additional Schneider Downs Data Privacy Services

Business Process and Data Flow

A critical component to understanding how an organization’s data (oftentimes consumer data) travels throughout its lifecycle is to develop business processes and data flow diagrams. Learn More

Data Privacy Control Assessment

Regardless of whether your data privacy program was recently established or tenured, it’s important to assess its ongoing effectiveness in today’s ever-evolving technological world. Learn More

Data Protection Impact Assessment 

A Data Protection Impact Assessment (DPIA) is a process to help identify and minimize data protection risks to an organization. Learn More

NIST Privacy Framework Compliance

The NIST Privacy Framework is intended to be leveraged as a foundation to help organizations identify and manage privacy risk to build innovative products and services while protecting individuals’ privacy. Learn More

Privacy Regulations and Compliance

Prepare your organization for compliance with data privacy regulations including GDPR, CPRA, CCPA, New York SHIELD Act, GLBA and HIPAA. Learn More

About Schneider Downs Data Privacy Services

At Schneider Downs, our IT Risk Advisory Practice has a team of professionals who specialize in data privacy. Our team not only understands the evolving data privacy regulations but also the technologies that allow for opportunities to enable controls in the effort of reducing and protecting the data footprint and ongoing risks of non-compliance. 

Learn more at www.schneiderdowns.com/data-privacy-services or contact us for more information.

case studies
 
Company impacted by ransomware.
big problem:
Company impacted by ransomware.
big thinking:
Restore system on-site and avoid six-figure ransom.
read more
 
Inefficient tax credit realization.
big problem:
Inefficient tax credit realization.
big thinking:
Identified a $900,000 tax credit, nearly twice as much as prior years.
read more
See more case studies
our thoughts on
Risk Advisory/Internal Audit BY Brendan Leech
The Top Risks Internal Audit Leaders Need to Know for 2024
read more >
IT Risk Advisory BY Sean Thomas
PCI DSS v4.0 is Here…Are You Ready?
read more >
Risk Advisory/Internal Audit, Transportation & Logistics BY Elizabeth Rhodes
The Impact of the Baltimore Key Bridge Disaster on Supply Chain
read more >
ESG, Risk Advisory/Internal Audit BY Matt Hartman, Tony Ielase
SEC Adopts Final Climate Disclosure Rules
read more >
Tax BY Kirk Mitchell
Proposed Bipartisan Tax Plan Released – Overview of the Tax Relief for American Families and Workers Act of 2024
read more >
Have a question? Ask us!

Have a question? Ask us!

We’d love to hear from you. Drop us a note, and we’ll respond to you as quickly as possible.

contact us

Pittsburgh
Columbus
Metropolitan Washington
follow us
client portal